Vulnslist

find the latest Cisco vulnerabilities

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability

cisco-sa-asaftd-snmpaccess-M6yOweq3 · Medium · Published · Updated

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3 This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2021-34794
Cisco Bug IDsCSCvw31710, CSCvw51436, CSCvv49739
CVSS ScoreBase 5.3
Base 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Adaptive Security Appliance (ASA) Software 9.14.1, Cisco Adaptive Security Appliance (ASA) Software 9.14.1.10, Cisco Adaptive Security Appliance (ASA) Software 9.14.1.6, Cisco Adaptive Security Appliance (ASA) Software 9.14.1.15, Cisco Adaptive Security Appliance (ASA) Software 9.14.1.19, Cisco Adaptive Security Appliance (ASA) Software 9.14.1.30, Cisco Adaptive Security Appliance (ASA) Software 9.14.2, Cisco Firepower Threat Defense Software 6.6.0, Cisco Firepower Threat Defense Software 6.6.0.1, Cisco Firepower Threat Defense Software 6.6.1, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco Firepower 2100 Series, Cisco Firepower 1000 Series, Cisco ASA 5500-X Series Firewalls, Cisco 3000 Series Industrial Security Appliances (ISA), Cisco Firepower 9000 Series, Cisco Firepower 4100 Series, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Secure Firewall Threat Defense Virtual

Related Products

Product CVE Evidence
Cisco Secure Firewall Threat Defense Virtual CVE-2021-34794 Cisco OpenVuln
Cisco Secure Firewall Threat Defense (FTD) Software CVE-2021-34794 Cisco OpenVuln
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software CVE-2021-34794 Cisco OpenVuln
Cisco Firepower Threat Defense Software CVE-2021-34794 Cisco OpenVuln
Cisco Firepower 9000 Series CVE-2021-34794 Cisco OpenVuln
Cisco Firepower 4100 Series CVE-2021-34794 Cisco OpenVuln
Cisco Firepower 2100 Series CVE-2021-34794 Cisco OpenVuln
Cisco Firepower 1000 Series CVE-2021-34794 Cisco OpenVuln
Cisco Adaptive Security Virtual Appliance (ASAv) CVE-2021-34794 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2021-34794 Cisco OpenVuln
Cisco ASA 5500-X Series Firewalls CVE-2021-34794 Cisco OpenVuln
Cisco 3000 Series Industrial Security Appliances (ISA) CVE-2021-34794 Cisco OpenVuln