Vulnslist

find the latest Cisco vulnerabilities

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability

cisco-sa-snort-filepolbypass-67DEwMe2 · Medium · Published · Updated

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2021-1223
Cisco Bug IDsCSCvs71969, CSCvu18635
CVSS ScoreBase 5.8
Base 5.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco UTD SNORT IPS Engine Software, Cisco Firepower Threat Defense Software 6.2.3, Cisco Firepower Threat Defense Software 6.2.3.1, Cisco Firepower Threat Defense Software 6.2.3.2, Cisco Firepower Threat Defense Software 6.2.3.3, Cisco Firepower Threat Defense Software 6.2.3.4, Cisco Firepower Threat Defense Software 6.2.3.5, Cisco Firepower Threat Defense Software 6.2.3.6, Cisco Firepower Threat Defense Software 6.2.3.7, Cisco Firepower Threat Defense Software 6.2.3.8, Cisco Firepower Threat Defense Software 6.2.3.10, Cisco Firepower Threat Defense Software 6.2.3.11, Cisco Firepower Threat Defense Software 6.2.3.9, Cisco Firepower Threat Defense Software 6.2.3.12, Cisco Firepower Threat Defense Software 6.2.3.13, Cisco Firepower Threat Defense Software 6.2.3.14, Cisco Firepower Threat Defense Software 6.2.3.15, Cisco Firepower Threat Defense Software 6.2.3.16, Cisco Firepower Threat Defense Software 6.6.0, Cisco Firepower Threat Defense Software 6.6.0.1, Cisco Firepower Threat Defense Software 6.6.1, Cisco Firepower Threat Defense Software 6.6.3, Cisco Firepower Threat Defense Software 6.4.0, Cisco Firepower Threat Defense Software 6.4.0.1, Cisco Firepower Threat Defense Software 6.4.0.3, Cisco Firepower Threat Defense Software 6.4.0.2, Cisco Firepower Threat Defense Software 6.4.0.4, Cisco Firepower Threat Defense Software 6.4.0.5, Cisco Firepower Threat Defense Software 6.4.0.6, Cisco Firepower Threat Defense Software 6.4.0.7, Cisco Firepower Threat Defense Software 6.4.0.8, Cisco Firepower Threat Defense Software 6.4.0.9, Cisco Firepower Threat Defense Software 6.4.0.10, Cisco Firepower Threat Defense Software 6.4.0.11, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco Firepower 2100 Series, Cisco Firepower 1000 Series, Cisco 3000 Series Industrial Security Appliances (ISA), Cisco Firepower 9000 Series, Cisco Firepower 4100 Series, Cisco Secure Firewall Threat Defense Virtual

Related Products

Product CVE Evidence
Cisco UTD SNORT IPS Engine Software CVE-2021-1223 Cisco OpenVuln
Cisco Secure Firewall Threat Defense Virtual CVE-2021-1223 Cisco OpenVuln
Cisco Secure Firewall Threat Defense (FTD) Software CVE-2021-1223 Cisco OpenVuln
Cisco Firepower Threat Defense Software CVE-2021-1223 Cisco OpenVuln
Cisco Firepower 9000 Series CVE-2021-1223 Cisco OpenVuln
Cisco Firepower 4100 Series CVE-2021-1223 Cisco OpenVuln
Cisco Firepower 2100 Series CVE-2021-1223 Cisco OpenVuln
Cisco Firepower 1000 Series CVE-2021-1223 Cisco OpenVuln
Cisco 3000 Series Industrial Security Appliances (ISA) CVE-2021-1223 Cisco OpenVuln