CVE-2021-1236

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.
Severity: MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Atk. Vector: NETWORK
Atk. Complexity: LOW
Priv. Required: NONE
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Vendor  Product                            Version
cisco   ios_xe                             𝑥 < 17.4.1
cisco   firepower_threat_defense           𝑥 < 6.5.0.5
cisco   secure_firewall_management_center  2.9.14.0
cisco   secure_firewall_management_center  2.9.14.14
cisco   secure_firewall_management_center  2.9.15
cisco   secure_firewall_management_center  2.9.16
cisco   secure_firewall_management_center  2.9.17
snort   snort                              𝑥 < 2.9.14
𝑥 = Vulnerable software versions
Ubuntu Releases
Ubuntu Product  Codename  Status
snort           noble     not-affected
snort           mantic    not-affected
snort           lunar     not-affected
snort           kinetic   not-affected
snort           jammy     not-affected
snort           impish    not-affected
snort           focal     needed
snort           bionic    needed
snort           xenial    needed
snort           trusty    needed