CVE-2021-1236

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.

Severity	MEDIUM
CVSS	5.3
CWE	CWE-670
KEV
Published	5 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco UTD SNORT IPS Engine Software	cisco-sa-snort-app-bypass-cSBYCATq
Cisco Secure Firewall Threat Defense Virtual	cisco-sa-snort-app-bypass-cSBYCATq
Cisco Secure Firewall Threat Defense (FTD) Software	cisco-sa-snort-app-bypass-cSBYCATq
Cisco Firepower Threat Defense Software	cisco-sa-snort-app-bypass-cSBYCATq
Cisco Firepower 9000 Series	cisco-sa-snort-app-bypass-cSBYCATq
Cisco Firepower 4100 Series	cisco-sa-snort-app-bypass-cSBYCATq
Cisco Firepower 2100 Series	cisco-sa-snort-app-bypass-cSBYCATq
Cisco Firepower 1000 Series	cisco-sa-snort-app-bypass-cSBYCATq
Cisco 3000 Series Industrial Security Appliances (ISA)	cisco-sa-snort-app-bypass-cSBYCATq