CVE-2021-1236 MEDIUM

CVE-2021-1236: Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability

Vendor Cisco
Product Cisco Firepower Threat Defense Software
Weakness CWE-670
Published January 13, 2021
Last update November 12, 2024

CVSS base score

4.0/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

What the vulnerability does

01Description

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.

Key dates

02Disclosure timeline

January 13, 2021 CVE published
November 12, 2024 Record updated