Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-1224

Опубликовано: 13 янв. 2021
Источник: nvd
CVSS3: 5.8
CVSS3: 5.3
CVSS2: 5
EPSS Низкий

Описание

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
Версия до 6.7.0 (исключая)
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.17:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.18:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:3.0.1:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
Версия до 17.4.1 (исключая)

Одно из

cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*
Версия до 2.9.17 (исключая)
Конфигурация 4

Одновременно

cpe:2.3:o:cisco:meraki_mx64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*
Конфигурация 6

Одновременно

cpe:2.3:o:cisco:meraki_mx67_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*
Конфигурация 7

Одновременно

cpe:2.3:o:cisco:meraki_mx67c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*
Конфигурация 8

Одновременно

cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*
Конфигурация 9

Одновременно

cpe:2.3:o:cisco:meraki_mx68_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*
Конфигурация 10

Одновременно

cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*
Конфигурация 11

Одновременно

cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*
Конфигурация 12

Одновременно

cpe:2.3:o:cisco:meraki_mx100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*
Конфигурация 13

Одновременно

cpe:2.3:o:cisco:meraki_mx84_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*
Конфигурация 14

Одновременно

cpe:2.3:o:cisco:meraki_mx250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*
Конфигурация 15

Одновременно

cpe:2.3:o:cisco:meraki_mx450_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*

EPSS

Процентиль: 58%
0.00366
Низкий

5.8 Medium

CVSS3

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-693
NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2021-1224

CVSS3: 5.8
ubuntu
около 5 лет назад

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

debian логотип

CVE-2021-1224

CVSS3: 5.8
debian
около 5 лет назад

Multiple Cisco products are affected by a vulnerability with TCP Fast ...

github логотип

GHSA-p854-c355-26cj

CVSS3: 5.3
github
больше 3 лет назад

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

fstec логотип

BDU:2021-00416

CVSS3: 5.8
fstec
около 5 лет назад

Уязвимость расширения протокола TCP Fast Open (TFO) системы обнаружения вторжений Snort, позволяющая нарушителю обойти настроенную файловую политику для HTTP

EPSS

Процентиль: 58%
0.00366
Низкий

5.8 Medium

CVSS3

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-693
NVD-CWE-Other