CVE-2021-40117

CVE Database · CVE-2021-40117

CVE-2021-40117

· HIGHModified

CVSS v3.1

8.6

EPSS

1.48%

Published

Oct 27, 2021

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Weaknesses (CWE)

CWE-119CWE-400

Affected Products (34)

cisco · adaptive_security_appliance (up to 9.8.4.40)vulnerable

cisco · firepower_threat_defense (up to 6.2.3.17)vulnerable

cisco · firepower_threat_defense (up to 6.4.0.13)vulnerable

cisco · firepower_threat_defense (up to 6.6.5)vulnerable

cisco · firepower_threat_defense (up to 6.7.0.3)vulnerable

cisco · firepower_threat_defense (up to 7.0.1)vulnerable

cisco · adaptive_security_appliance_software (up to 9.12.4.26)vulnerable