CVE-2021-1494

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.

CVSS v3 5.8 MEDIUM

5.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc

Configurations

No configuration.

History

18 Nov 2024, 17:11

Type	Values Removed	Values Added
Summary		(es) Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de detección Snort que podría permitir que un atacante remoto no autenticado eluda una política de archivos configurada para HTTP. La vulnerabilidad se debe a un manejo incorrecto de parámetros de encabezado HTTP específicos. Un atacante podría aprovechar esta vulnerabilidad enviando paquetes HTTP manipulado a través de un dispositivo afectado. Una explotación exitosa podría permitir al atacante eludir una política de archivos configurada para paquetes HTTP y entregar una carga maliciosa.

15 Nov 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-15 17:15

Updated : 2024-11-18 17:11

NVD link : CVE-2021-1494

Mitre link : CVE-2021-1494

CVE.ORG link : CVE-2021-1494

JSON object : View

Products Affected

No product.

CWE

CWE-693

Protection Mechanism Failure

5.8 /10