{"vulnerability": "CVE-2021-3475", "sightings": [{"uuid": "1d911311-a249-4977-92b1-d7f65c6b5898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34755", "type": "seen", "source": "https://t.me/cibsecurity/31315", "content": "\u203c CVE-2021-34755 \u203c\n\nMultiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-27T22:16:34.000000Z"}, {"uuid": "dd723102-8654-4dc6-9f6f-d8fb68c963a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34753", "type": "seen", "source": "https://t.me/cvedetector/11128", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2021-34753 - Cisco Firepower Threat Defense ENIP Payload Inspection Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2021-34753 \nPublished : Nov. 15, 2024, 5:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.  \n  \nThis vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T19:07:54.000000Z"}, {"uuid": "037dc53d-62ef-4499-951e-7b8ce7ae9a1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34752", "type": "seen", "source": "https://t.me/cvedetector/11127", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2021-34752 - Cisco FTD Software Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2021-34752 \nPublished : Nov. 15, 2024, 5:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability in the CLI of Cisco\u00a0FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device.\u00a0  \n  \nThis vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute commands with root privileges on the underlying operating system.  \nCisco\u00a0has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T19:07:54.000000Z"}, {"uuid": "2575c311-1d75-48f8-8888-3dea648de37d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34758", "type": "seen", "source": "https://t.me/cibsecurity/30126", "content": "\u203c CVE-2021-34758 \u203c\n\nA vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient access controls to a shared memory resource. An attacker could exploit this vulnerability by corrupting a shared memory segment on an affected device. A successful exploit could allow the attacker to cause the device to reload. The device will recover from the corruption upon reboot.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-07T00:32:43.000000Z"}, {"uuid": "4332d125-0b30-4850-b55e-e8bb121da949", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34757", "type": "seen", "source": "https://t.me/cibsecurity/30115", "content": "\u203c CVE-2021-34757 \u203c\n\nMultiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-07T00:32:27.000000Z"}, {"uuid": "6ed9e346-9b11-4385-8dc1-17f7dd540a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34759", "type": "seen", "source": "https://t.me/cibsecurity/28200", "content": "\u203c CVE-2021-34759 \u203c\n\nA vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker would need valid administrative credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-02T07:35:36.000000Z"}, {"uuid": "c392b0a0-599a-4516-8ea0-4f9cf44ac2ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34756", "type": "seen", "source": "https://t.me/cibsecurity/31303", "content": "\u203c CVE-2021-34756 \u203c\n\nMultiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-27T22:16:17.000000Z"}]}