CVE-2021-40114

CVE Database · CVE-2021-40114

CVE-2021-40114

· MEDIUMModified

CVSS v3.1

6.8

EPSS

2.37%

Published

Oct 27, 2021

Modified

Nov 26, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Weaknesses (CWE)

CWE-770CWE-401

Affected Products (11)

cisco · firepower_threat_defense (up to 6.4.0.12)vulnerable

cisco · firepower_threat_defense (up to 6.6.3)vulnerable

cisco · firepower_threat_defense (up to 6.7.0.2)vulnerable

cisco · secure_firewall_management_centervulnerable