CVE-2021-34753

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-34753
A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. This vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.

5.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP
Configurations

No configuration.

History

18 Nov 2024, 17:11

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad en la inspección de payload del tráfico del Protocolo industrial Ethernet (ENIP) para el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado eluda las reglas configuradas para el tráfico ENIP. Esta vulnerabilidad se debe a un procesamiento incompleto durante la inspección profunda de paquetes de ENIP. Un atacante podría aprovechar esta vulnerabilidad enviando un paquete ENIP manipulado a la interfaz de destino. Una explotación exitosa podría permitir al atacante eludir las políticas de intrusión y control de acceso configuradas que deberían activarse y descartarse para el paquete ENIP.

15 Nov 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-15 17:15

Updated : 2024-11-18 17:11

NVD link : CVE-2021-34753

Mitre link : CVE-2021-34753

CVE.ORG link : CVE-2021-34753

JSON object : View

Products Affected

No product.

CWE
CWE-284

Improper Access Control


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024