{"vulnerability": "CVE-2021-3470", "sightings": [{"uuid": "77135e20-3107-4fcc-aa9a-0ba2a4a91d5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34701", "type": "seen", "source": "https://t.me/cibsecurity/31832", "content": "\u203c CVE-2021-34701 \u203c\n\nA vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to access sensitive data on an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. 
A successful exploit could allow the attacker to access sensitive files on the affected system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-04T19:25:10.000000Z"}, {"uuid": "b70a279d-b7fe-491a-b9a0-c7f4d86b3873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34704", "type": "seen", "source": "https://t.me/cyberbannews_ir/4504", "content": "\ud83d\uded1\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f \u0633\u06cc\u0633\u06a9\u0648\u060c \u0622\u0628\u06cc \u0628\u0631 \u062f\u06cc\u0648\u0627\u0631 \u0622\u062a\u0634 \u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a!\n\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f \u062f\u0631 \u062f\u0648 \u0645\u062d\u0635\u0648\u0644 \u0633\u06cc\u0633\u06a9\u0648 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0631\u0627 \u062f\u0686\u0627\u0631 \u0627\u062e\u062a\u0644\u0627\u0644 \u06a9\u0646\u062f.\n\n\u0645\u062d\u0642\u0642\u06cc\u0646 Positive Technologies \u0627\u06cc\u0646 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc (CVE-2021-34704) \u0631\u0627 \u0645\u0627\u0647 \u0627\u06a9\u062a\u0628\u0631 \u062f\u0631 \u062f\u06cc\u0648\u0627\u0631 \u0622\u062a\u0634 \u06cc\u0627 \u0628\u0647 \u0627\u0635\u0637\u0644\u0627\u062d \u0641\u0627\u06cc\u0631 \u0648\u0627\u0644 \u0647\u0627\u06cc \u062f\u0633\u062a\u06af\u0627\u0647 \u0645\u062f\u06cc\u0631\u06cc\u062a \u062a\u0647\u062f\u06cc\u062f Cisco ASA \u0648 Cisco FTD \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f\u0646\u062f.\n\n\u062f\u0631 \u0635\u0648\u0631\u062a \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc 
\u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc\u060c \u062f\u06cc\u0648\u0627\u0631 \u0622\u062a\u0634 \u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u062d\u0645\u0644\u0627\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u062a\u0636\u0639\u06cc\u0641 \u062e\u0648\u0627\u0647\u062f \u0634\u062f. \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0631\u0645\u0646\u062f\u0627\u0646 \u062f\u0648\u0631\u06a9\u0627\u0631 \u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0628\u0647 \u0634\u0628\u06a9\u0647 \u062f\u0627\u062e\u0644\u06cc \u0646\u06cc\u0632 \u0645\u0633\u062f\u0648\u062f \u062e\u0648\u0627\u0647\u062f \u0634\u062f.\n\n#\u0633\u06cc\u0633\u06a9\u0648\n\n\u2705 \u0628\u06cc\u0634\u062a\u0631 \u0628\u062e\u0648\u0627\u0646\u06cc\u062f:\nhttps://bit.ly/3DOayKm\n\n@cyberbannews_ir", "creation_timestamp": "2021-11-24T06:55:54.000000Z"}, {"uuid": "6801251e-cbd3-4503-9b2c-97b2a327bbe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34704", "type": "seen", "source": "https://t.me/cibsecurity/35267", "content": "\u203c CVE-2021-34704 \u203c\n\nA vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. 
A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-11T22:16:18.000000Z"}, {"uuid": "8fe3ccea-95a8-4a36-a303-ab63e5988e06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34704", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/90", "content": "Cisco fixed an Unauth DoS (CVE-2021-34704) in Cisco ASA and Cisco FTD found by our researcher Nikita Abramov.\n\nA successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\n\nShodan: 242,070 results \ud83d\udd25\n\nAdvisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA", "creation_timestamp": "2021-11-17T14:24:13.000000Z"}, {"uuid": "23ba344a-2bd8-41e4-a055-e866c8c711c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34704", "type": "seen", "source": "https://t.me/NeKaspersky/1470", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Cisco ASA \u043c\u043e\u0436\u0435\u0442 \u043f\u0430\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c VPN-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \n\nPositive Technologies \u043d\u0430\u0448\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Cisco Asa, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u0434\u0435\u0441\u0442\u0430\u0431\u0438\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f 
\u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0434\u044b\u0440\u0430 CVE-2021-34704, \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u0432 8,6 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e CVSS, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u043e\u043b\u043d\u044b\u0439 \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438. \u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u043e\u0435 \u043d\u0435\u0430\u0434\u0435\u043a\u0432\u0430\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u043f\u0430\u0440\u0441\u0438\u043d\u0433\u0435 HTTPS-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. 
\n\n\u0412 \u0437\u043e\u043d\u0435 \u0440\u0438\u0441\u043a\u0430 \u0441\u043e\u0444\u0442 Cisco \u043b\u0438\u043d\u0435\u0435\u043a ASA \u0438 FTD \u2014 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u0438 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 AnyConnect \u0438\u043b\u0438 WebVPN. \n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u043e\u043c\u0438\u043c\u043e \u0434\u0435\u0441\u0442\u0430\u0431\u0438\u043b\u0438\u0437\u0430\u0446\u0438\u0438 VPN-\u0441\u0440\u0435\u0434\u0441\u0442\u0432, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043e\u0444\u0442\u0430 \u043b\u0438\u0448\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430. 
\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0445\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043d\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0441\u044f, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0431\u0443\u0434\u0435\u0442 \u0443\u0436\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d. \n\n\u0427\u0442\u043e\u0431\u044b \u043d\u0435 \u0431\u044b\u0442\u044c \u043e\u0442\u0440\u0435\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u043e\u0442 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0435\u0442\u0438, \u043f\u043e\u0437\u0438\u0442\u0438\u0432\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.", "creation_timestamp": "2021-11-23T17:26:15.000000Z"}, {"uuid": "55c3a9e1-9338-442f-b486-6c10d6ef87e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34707", "type": "seen", "source": "https://t.me/cibsecurity/26842", "content": "\u203c CVE-2021-34707 \u203c\n\nA vulnerability in the REST API of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when responding to an API request. 
An attacker could exploit the vulnerability by sending a specific API request to the affected application. A successful exploit could allow the attacker to obtain sensitive information about the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T23:23:37.000000Z"}, {"uuid": "111a04ab-6a17-4e16-ad7c-9e4e3f0dd66a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34706", "type": "seen", "source": "https://t.me/cibsecurity/30123", "content": "\u203c CVE-2021-34706 \u203c\n\nA vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information or conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by uploading a crafted XML file that contains references to external entities. 
A successful exploit could allow the attacker to retrieve files from the local system, resulting in the disclosure of sensitive information, or cause the web application to perform arbitrary HTTP requests on behalf of the attacker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-07T00:32:37.000000Z"}, {"uuid": "7ff6c819-c3c7-4972-b3c1-e529e4e3e45a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34705", "type": "seen", "source": "https://t.me/cibsecurity/29262", "content": "\u203c CVE-2021-34705 \u203c\n\nA vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces. An attacker could exploit this vulnerability by sending a malformed dial string to an affected device via either the ISDN protocol or SIP. A successful exploit could allow the attacker to conduct toll fraud, resulting in unexpected financial impact to affected customers.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T07:29:33.000000Z"}, {"uuid": "6141e536-0e39-4f94-afd4-780006c84f15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34703", "type": "seen", "source": "https://t.me/cibsecurity/29260", "content": "\u203c CVE-2021-34703 \u203c\n\nA vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. 
This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability via any of the following methods: An authenticated, remote attacker could access the LLDP neighbor table via either the CLI or SNMP while the device is in a specific state. An unauthenticated, adjacent attacker could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then waiting for an administrator of the device or a network management system (NMS) managing the device to retrieve the LLDP neighbor table of the device via either the CLI or SNMP. An authenticated, adjacent attacker with SNMP read-only credentials or low privileges on the device CLI could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then accessing the LLDP neighbor table via either the CLI or SNMP. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a reload of the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T07:29:31.000000Z"}, {"uuid": "3b659fa2-0671-411b-a8a8-b2ce80e9f3d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34709", "type": "seen", "source": "https://t.me/cibsecurity/28554", "content": "\u203c CVE-2021-34709 \u203c\n\nMultiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. 
For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-09T12:29:31.000000Z"}, {"uuid": "9091cc2a-5192-4da1-935f-2e00d711d613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34704", "type": "seen", "source": "https://t.me/xakep_ru/11606", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Cisco \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u0443\u0433\u0440\u043e\u0437\u0443 \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Positive Technologies \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043b\u0438\u043d\u0435\u0439\u043a\u0435 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432 Cisco ASA (Adaptive Security Appliance) \u0438 Cisco FTD (Firepower Threat Defense), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u044c \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\nhttps://xakep.ru/2021/11/22/cve-2021-34704/", "creation_timestamp": "2021-11-22T16:33:29.000000Z"}]}