cvelistv5 - cve-2021-34753

cve-2021-34753

Vulnerability from cvelistv5

Published

2024-11-15 16:14

Modified

2024-11-15 18:06

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. This vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.

References

▼	URL	Tags
	ykramarz@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Firepower Threat Defense Software	Version: N/A

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "firepower_threat_defense_software",
                  vendor: "cisco",
                  versions: [
                     {
                        lessThan: "6.4.0.13",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "6.6.5.1",
                        status: "affected",
                        version: "6.5.0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "6.7.0.3",
                        status: "affected",
                        version: "6.7.0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "7.0.1",
                        status: "affected",
                        version: "7.0.0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34753",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-15T18:01:18.673496Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T18:06:40.214Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Firepower Threat Defense Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "N/A",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\r\n\r\nThis vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-284",
                     description: "Improper Access Control",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-15T16:14:45.327Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-ftd-enip-bypass-eFsxd8KP",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP",
            },
         ],
         source: {
            advisory: "cisco-sa-ftd-enip-bypass-eFsxd8KP",
            defects: [
               "CSCvy02240",
            ],
            discovery: "EXTERNAL",
         },
         title: "Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34753",
      datePublished: "2024-11-15T16:14:45.327Z",
      dateReserved: "2021-06-15T13:43:49.943Z",
      dateUpdated: "2024-11-15T18:06:40.214Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2021-34753\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2024-11-15T17:15:10.303\",\"lastModified\":\"2024-11-18T17:11:56.587\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\\r\\n\\r\\nThis vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la inspección de payload del tráfico del Protocolo industrial Ethernet (ENIP) para el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado eluda las reglas configuradas para el tráfico ENIP. Esta vulnerabilidad se debe a un procesamiento incompleto durante la inspección profunda de paquetes de ENIP. Un atacante podría aprovechar esta vulnerabilidad enviando un paquete ENIP manipulado a la interfaz de destino. Una explotación exitosa podría permitir al atacante eludir las políticas de intrusión y control de acceso configuradas que deberían activarse y descartarse para el paquete ENIP.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP\",\"source\":\"ykramarz@cisco.com\"}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-34753\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-15T18:01:18.673496Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"firepower_threat_defense_software\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.4.0.13\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.5.0\", \"lessThan\": \"6.6.5.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.7.0\", \"lessThan\": \"6.7.0.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.0.0\", \"lessThan\": \"7.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-15T18:06:22.543Z\"}}], \"cna\": {\"title\": \"Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities\", \"source\": {\"defects\": [\"CSCvy02240\"], \"advisory\": \"cisco-sa-ftd-enip-bypass-eFsxd8KP\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Firepower Threat Defense Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"N/A\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco\\u00a0PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP\", \"name\": \"cisco-sa-ftd-enip-bypass-eFsxd8KP\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\\r\\n\\r\\nThis vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-284\", \"description\": \"Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-11-15T16:14:45.327Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2021-34753\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-15T18:06:40.214Z\", \"dateReserved\": \"2021-06-15T13:43:49.943Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2024-11-15T16:14:45.327Z\", \"assignerShortName\": \"cisco\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

gsd-2021-34753

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2021-34753

Aliases

CVE-2021-34753

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2021-34753",
      id: "GSD-2021-34753",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2021-34753",
         ],
         id: "GSD-2021-34753",
         modified: "2023-12-13T01:23:14.670753Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "cve@mitre.org",
            ID: "CVE-2021-34753",
            STATE: "RESERVED",
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
               },
            ],
         },
      },
   },
}

cisco-sa-ftd-enip-bypass-eFsxd8KP

Vulnerability from csaf_cisco

Published

2021-10-27 16:00

Modified

2021-10-27 16:00

Summary

Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities

Notes

Summary

Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication ["https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773"].

Vulnerable Products

At the time of publication, these vulnerabilities affected Cisco FTD Software if it was configured to detect and block ENIP traffic. For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software ["#fs"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.

Products Confirmed Not Vulnerable

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by these vulnerabilities. Cisco has confirmed that these vulnerabilities do not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Management Center (FMC) Software.

Workarounds

There are no workarounds that address these vulnerabilities.

Fixed Software

When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases At the time of publication, the release information in the following table(s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. The left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerabilities described in this advisory and which release included the fix for these vulnerabilities. FTD Software Cisco FTD Software Release First Fixed Release for These Vulnerabilities 6.2.2 and earlier1 Migrate to a fixed release. 6.2.3 Migrate to a fixed release. 6.3.01 Migrate to a fixed release. 6.4.0 6.4.0.13 (Nov 2021) 6.5.01 Migrate to a fixed release. 6.6.0 6.6.5.1 (Nov 2021) 6.7.0 6.7.0.3 (Jan 2022) 7.0.0 7.0.1 1. Cisco FMC and FTD Software releases 6.2.2 and earlier, as well as releases 6.3.0 and 6.5.0, have reached end of software maintenance ["https://www.cisco.com/c/en/us/products/eos-eol-listing.html"]. Customers are advised to migrate to a supported release that includes the fix for these vulnerabilities. For instructions on upgrading your FTD device, see Cisco Firepower Management Center Upgrade Guide ["https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide/getting_started.html"]. The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.

Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Source

Cisco would like to thank Gregory Norton, Thuy Nguyen, and Cynthia Irvine of the Naval Postgraduate School for reporting these vulnerabilities.

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

JSON

To clipboard

{
   document: {
      acknowledgments: [
         {
            summary: "Cisco would like to thank Gregory Norton, Thuy Nguyen, and Cynthia Irvine of the Naval Postgraduate School for reporting these vulnerabilities.",
         },
      ],
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      notes: [
         {
            category: "summary",
            text: "Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\r\n\r\nThese vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.\r\n\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.\r\n\r\n\r\n\r\nThis advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773\"].",
            title: "Summary",
         },
         {
            category: "general",
            text: "At the time of publication, these vulnerabilities affected Cisco FTD Software if it was configured to detect and block ENIP traffic.\r\n\r\nFor information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software [\"#fs\"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.",
            title: "Vulnerable Products",
         },
         {
            category: "general",
            text: "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by these vulnerabilities.\r\n\r\nCisco has confirmed that these vulnerabilities do not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Management Center (FMC) Software.",
            title: "Products Confirmed Not Vulnerable",
         },
         {
            category: "general",
            text: "There are no workarounds that address these vulnerabilities.",
            title: "Workarounds",
         },
         {
            category: "general",
            text: "When considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n      Fixed Releases\r\nAt the time of publication, the release information in the following table(s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.\r\n\r\nThe left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerabilities described in this advisory and which release included the fix for these vulnerabilities.\r\n\r\nFTD Software\r\n                                Cisco FTD Software Release              First Fixed Release for These Vulnerabilities                                              6.2.2 and earlier1              Migrate to a fixed release.                                  6.2.3              Migrate to a fixed release.                                  6.3.01              Migrate to a fixed release.                                  6.4.0              6.4.0.13 (Nov 2021)                                  6.5.01              Migrate to a fixed release.                                  6.6.0              6.6.5.1 (Nov 2021)                                  6.7.0              6.7.0.3 (Jan 2022)                                  7.0.0              7.0.1\r\n1. Cisco FMC and FTD Software releases 6.2.2 and earlier, as well as releases 6.3.0 and 6.5.0, have reached end of software maintenance [\"https://www.cisco.com/c/en/us/products/eos-eol-listing.html\"]. Customers are advised to migrate to a supported release that includes the fix for these vulnerabilities.\r\nFor instructions on upgrading your FTD device, see Cisco Firepower Management Center Upgrade Guide [\"https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide/getting_started.html\"].\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.",
            title: "Fixed Software",
         },
         {
            category: "general",
            text: "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
            title: "Vulnerability Policy",
         },
         {
            category: "general",
            text: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            title: "Exploitation and Public Announcements",
         },
         {
            category: "general",
            text: "Cisco would like to thank Gregory Norton, Thuy Nguyen, and Cynthia Irvine of the Naval Postgraduate School for reporting these vulnerabilities.",
            title: "Source",
         },
         {
            category: "legal_disclaimer",
            text: "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
            title: "Legal Disclaimer",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "psirt@cisco.com",
         issuing_authority: "Cisco PSIRT",
         name: "Cisco",
         namespace: "https://wwww.cisco.com",
      },
      references: [
         {
            category: "self",
            summary: "Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
            url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP",
         },
         {
            category: "external",
            summary: "Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication",
            url: "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773",
         },
         {
            category: "external",
            summary: "Cisco Security Vulnerability Policy",
            url: "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html",
         },
         {
            category: "external",
            summary: "considering software upgrades",
            url: "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes",
         },
         {
            category: "external",
            summary: "Cisco&nbsp;Security Advisories page",
            url: "https://www.cisco.com/go/psirt",
         },
         {
            category: "external",
            summary: "end of software maintenance",
            url: "https://www.cisco.com/c/en/us/products/eos-eol-listing.html",
         },
         {
            category: "external",
            summary: "Cisco&nbsp;Firepower Management Center Upgrade Guide",
            url: "https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide/getting_started.html",
         },
      ],
      title: "Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
      tracking: {
         current_release_date: "2021-10-27T16:00:00+00:00",
         generator: {
            date: "2024-05-10T23:10:42+00:00",
            engine: {
               name: "TVCE",
            },
         },
         id: "cisco-sa-ftd-enip-bypass-eFsxd8KP",
         initial_release_date: "2021-10-27T16:00:00+00:00",
         revision_history: [
            {
               date: "2021-10-27T15:39:38+00:00",
               number: "1.0.0",
               summary: "Initial public release.",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        branches: [
                           {
                              category: "service_pack",
                              name: "6.6.1",
                              product: {
                                 name: "6.6.1",
                                 product_id: "CSAFPID-280013",
                              },
                           },
                           {
                              category: "service_pack",
                              name: "6.6.3",
                              product: {
                                 name: "6.6.3",
                                 product_id: "CSAFPID-281981",
                              },
                           },
                           {
                              category: "service_pack",
                              name: "6.6.4",
                              product: {
                                 name: "6.6.4",
                                 product_id: "CSAFPID-282174",
                              },
                           },
                           {
                              category: "service_pack",
                              name: "6.6.5",
                              product: {
                                 name: "6.6.5",
                                 product_id: "CSAFPID-284314",
                              },
                           },
                        ],
                        category: "product_version",
                        name: "6.6",
                     },
                     {
                        branches: [
                           {
                              category: "service_pack",
                              name: "7.0.0",
                              product: {
                                 name: "7.0.0",
                                 product_id: "CSAFPID-282695",
                              },
                           },
                           {
                              category: "service_pack",
                              name: "7.0.0.1",
                              product: {
                                 name: "7.0.0.1",
                                 product_id: "CSAFPID-284277",
                              },
                           },
                        ],
                        category: "product_version",
                        name: "7.0",
                     },
                  ],
                  category: "product_family",
                  name: "Cisco Firepower Threat Defense Software",
               },
               {
                  category: "product_name",
                  name: "Cisco Firepower 2100 Series",
                  product: {
                     name: "Cisco Firepower 2100 Series",
                     product_id: "CSAFPID-277392",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco Firepower 1000 Series",
                  product: {
                     name: "Cisco Firepower 1000 Series",
                     product_id: "CSAFPID-277393",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco ASA 5500-X Series Firewalls",
                  product: {
                     name: "Cisco ASA 5500-X Series Firewalls",
                     product_id: "CSAFPID-277437",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco 3000 Series Industrial Security Appliances (ISA)",
                  product: {
                     name: "Cisco 3000 Series Industrial Security Appliances (ISA)",
                     product_id: "CSAFPID-277438",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco Firepower 9000 Series",
                  product: {
                     name: "Cisco Firepower 9000 Series",
                     product_id: "CSAFPID-277440",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco Firepower 4100 Series",
                  product: {
                     name: "Cisco Firepower 4100 Series",
                     product_id: "CSAFPID-277441",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco Secure Firewall Threat Defense Virtual",
                  product: {
                     name: "Cisco Secure Firewall Threat Defense Virtual",
                     product_id: "CSAFPID-277464",
                  },
               },
            ],
            category: "vendor",
            name: "Cisco",
         },
      ],
      relationships: [
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-280013:277392",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-280013:277393",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-280013:277437",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-280013:277438",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-280013:277440",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-280013:277441",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-280013:277464",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-281981:277392",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-281981:277393",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-281981:277437",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-281981:277438",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-281981:277440",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-281981:277441",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-281981:277464",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-282174:277392",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-282174:277393",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-282174:277437",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-282174:277438",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-282174:277440",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-282174:277441",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-282174:277464",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-284314:277392",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-284314:277393",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-284314:277437",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-284314:277438",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-284314:277440",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-284314:277441",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-284314:277464",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-282695:277392",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-282695:277393",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-282695:277437",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-282695:277438",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-282695:277440",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-282695:277441",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-282695:277464",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-284277:277392",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-284277:277393",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-284277:277437",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-284277:277438",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-284277:277440",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-284277:277441",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-284277:277464",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277464",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2021-34753",
         ids: [
            {
               system_name: "Cisco Bug ID",
               text: "CSCvy02240",
            },
         ],
         notes: [
            {
               category: "other",
               text: "Complete.",
               title: "Affected Product Comprehensiveness",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-280013:277392",
               "CSAFPID-280013:277393",
               "CSAFPID-280013:277437",
               "CSAFPID-280013:277438",
               "CSAFPID-280013:277440",
               "CSAFPID-280013:277441",
               "CSAFPID-280013:277464",
               "CSAFPID-281981:277392",
               "CSAFPID-281981:277393",
               "CSAFPID-281981:277437",
               "CSAFPID-281981:277438",
               "CSAFPID-281981:277440",
               "CSAFPID-281981:277441",
               "CSAFPID-281981:277464",
               "CSAFPID-282174:277392",
               "CSAFPID-282174:277393",
               "CSAFPID-282174:277437",
               "CSAFPID-282174:277438",
               "CSAFPID-282174:277440",
               "CSAFPID-282174:277441",
               "CSAFPID-282174:277464",
               "CSAFPID-282695:277392",
               "CSAFPID-282695:277393",
               "CSAFPID-282695:277437",
               "CSAFPID-282695:277438",
               "CSAFPID-282695:277440",
               "CSAFPID-282695:277441",
               "CSAFPID-282695:277464",
               "CSAFPID-284277:277392",
               "CSAFPID-284277:277393",
               "CSAFPID-284277:277437",
               "CSAFPID-284277:277438",
               "CSAFPID-284277:277440",
               "CSAFPID-284277:277441",
               "CSAFPID-284277:277464",
               "CSAFPID-284314:277392",
               "CSAFPID-284314:277393",
               "CSAFPID-284314:277437",
               "CSAFPID-284314:277438",
               "CSAFPID-284314:277440",
               "CSAFPID-284314:277441",
               "CSAFPID-284314:277464",
            ],
         },
         release_date: "2021-10-27T16:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               details: "Cisco has released software updates that address this vulnerability.",
               product_ids: [
                  "CSAFPID-280013:277392",
                  "CSAFPID-280013:277393",
                  "CSAFPID-280013:277437",
                  "CSAFPID-280013:277438",
                  "CSAFPID-280013:277440",
                  "CSAFPID-280013:277441",
                  "CSAFPID-280013:277464",
                  "CSAFPID-281981:277392",
                  "CSAFPID-281981:277393",
                  "CSAFPID-281981:277437",
                  "CSAFPID-281981:277438",
                  "CSAFPID-281981:277440",
                  "CSAFPID-281981:277441",
                  "CSAFPID-281981:277464",
                  "CSAFPID-282174:277392",
                  "CSAFPID-282174:277393",
                  "CSAFPID-282174:277437",
                  "CSAFPID-282174:277438",
                  "CSAFPID-282174:277440",
                  "CSAFPID-282174:277441",
                  "CSAFPID-282174:277464",
                  "CSAFPID-282695:277392",
                  "CSAFPID-282695:277393",
                  "CSAFPID-282695:277437",
                  "CSAFPID-282695:277438",
                  "CSAFPID-282695:277440",
                  "CSAFPID-282695:277441",
                  "CSAFPID-282695:277464",
                  "CSAFPID-284277:277392",
                  "CSAFPID-284277:277393",
                  "CSAFPID-284277:277437",
                  "CSAFPID-284277:277438",
                  "CSAFPID-284277:277440",
                  "CSAFPID-284277:277441",
                  "CSAFPID-284277:277464",
                  "CSAFPID-284314:277392",
                  "CSAFPID-284314:277393",
                  "CSAFPID-284314:277437",
                  "CSAFPID-284314:277438",
                  "CSAFPID-284314:277440",
                  "CSAFPID-284314:277441",
                  "CSAFPID-284314:277464",
               ],
               url: "https://software.cisco.com",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-280013:277392",
                  "CSAFPID-280013:277393",
                  "CSAFPID-280013:277437",
                  "CSAFPID-280013:277438",
                  "CSAFPID-280013:277440",
                  "CSAFPID-280013:277441",
                  "CSAFPID-280013:277464",
                  "CSAFPID-281981:277392",
                  "CSAFPID-281981:277393",
                  "CSAFPID-281981:277437",
                  "CSAFPID-281981:277438",
                  "CSAFPID-281981:277440",
                  "CSAFPID-281981:277441",
                  "CSAFPID-281981:277464",
                  "CSAFPID-282174:277392",
                  "CSAFPID-282174:277393",
                  "CSAFPID-282174:277437",
                  "CSAFPID-282174:277438",
                  "CSAFPID-282174:277440",
                  "CSAFPID-282174:277441",
                  "CSAFPID-282174:277464",
                  "CSAFPID-282695:277392",
                  "CSAFPID-282695:277393",
                  "CSAFPID-282695:277437",
                  "CSAFPID-282695:277438",
                  "CSAFPID-282695:277440",
                  "CSAFPID-282695:277441",
                  "CSAFPID-282695:277464",
                  "CSAFPID-284277:277392",
                  "CSAFPID-284277:277393",
                  "CSAFPID-284277:277437",
                  "CSAFPID-284277:277438",
                  "CSAFPID-284277:277440",
                  "CSAFPID-284277:277441",
                  "CSAFPID-284277:277464",
                  "CSAFPID-284314:277392",
                  "CSAFPID-284314:277393",
                  "CSAFPID-284314:277437",
                  "CSAFPID-284314:277438",
                  "CSAFPID-284314:277440",
                  "CSAFPID-284314:277441",
                  "CSAFPID-284314:277464",
               ],
            },
         ],
         title: "Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
      },
      {
         cve: "CVE-2021-34754",
         ids: [
            {
               system_name: "Cisco Bug ID",
               text: "CSCvy02240",
            },
         ],
         notes: [
            {
               category: "other",
               text: "Complete.",
               title: "Affected Product Comprehensiveness",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-280013:277392",
               "CSAFPID-280013:277393",
               "CSAFPID-280013:277437",
               "CSAFPID-280013:277438",
               "CSAFPID-280013:277440",
               "CSAFPID-280013:277441",
               "CSAFPID-280013:277464",
               "CSAFPID-281981:277392",
               "CSAFPID-281981:277393",
               "CSAFPID-281981:277437",
               "CSAFPID-281981:277438",
               "CSAFPID-281981:277440",
               "CSAFPID-281981:277441",
               "CSAFPID-281981:277464",
               "CSAFPID-282174:277392",
               "CSAFPID-282174:277393",
               "CSAFPID-282174:277437",
               "CSAFPID-282174:277438",
               "CSAFPID-282174:277440",
               "CSAFPID-282174:277441",
               "CSAFPID-282174:277464",
               "CSAFPID-282695:277392",
               "CSAFPID-282695:277393",
               "CSAFPID-282695:277437",
               "CSAFPID-282695:277438",
               "CSAFPID-282695:277440",
               "CSAFPID-282695:277441",
               "CSAFPID-282695:277464",
               "CSAFPID-284277:277392",
               "CSAFPID-284277:277393",
               "CSAFPID-284277:277437",
               "CSAFPID-284277:277438",
               "CSAFPID-284277:277440",
               "CSAFPID-284277:277441",
               "CSAFPID-284277:277464",
               "CSAFPID-284314:277392",
               "CSAFPID-284314:277393",
               "CSAFPID-284314:277437",
               "CSAFPID-284314:277438",
               "CSAFPID-284314:277440",
               "CSAFPID-284314:277441",
               "CSAFPID-284314:277464",
            ],
         },
         release_date: "2021-10-27T16:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               details: "Cisco has released software updates that address this vulnerability.",
               product_ids: [
                  "CSAFPID-280013:277392",
                  "CSAFPID-280013:277393",
                  "CSAFPID-280013:277437",
                  "CSAFPID-280013:277438",
                  "CSAFPID-280013:277440",
                  "CSAFPID-280013:277441",
                  "CSAFPID-280013:277464",
                  "CSAFPID-281981:277392",
                  "CSAFPID-281981:277393",
                  "CSAFPID-281981:277437",
                  "CSAFPID-281981:277438",
                  "CSAFPID-281981:277440",
                  "CSAFPID-281981:277441",
                  "CSAFPID-281981:277464",
                  "CSAFPID-282174:277392",
                  "CSAFPID-282174:277393",
                  "CSAFPID-282174:277437",
                  "CSAFPID-282174:277438",
                  "CSAFPID-282174:277440",
                  "CSAFPID-282174:277441",
                  "CSAFPID-282174:277464",
                  "CSAFPID-282695:277392",
                  "CSAFPID-282695:277393",
                  "CSAFPID-282695:277437",
                  "CSAFPID-282695:277438",
                  "CSAFPID-282695:277440",
                  "CSAFPID-282695:277441",
                  "CSAFPID-282695:277464",
                  "CSAFPID-284277:277392",
                  "CSAFPID-284277:277393",
                  "CSAFPID-284277:277437",
                  "CSAFPID-284277:277438",
                  "CSAFPID-284277:277440",
                  "CSAFPID-284277:277441",
                  "CSAFPID-284277:277464",
                  "CSAFPID-284314:277392",
                  "CSAFPID-284314:277393",
                  "CSAFPID-284314:277437",
                  "CSAFPID-284314:277438",
                  "CSAFPID-284314:277440",
                  "CSAFPID-284314:277441",
                  "CSAFPID-284314:277464",
               ],
               url: "https://software.cisco.com",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-280013:277392",
                  "CSAFPID-280013:277393",
                  "CSAFPID-280013:277437",
                  "CSAFPID-280013:277438",
                  "CSAFPID-280013:277440",
                  "CSAFPID-280013:277441",
                  "CSAFPID-280013:277464",
                  "CSAFPID-281981:277392",
                  "CSAFPID-281981:277393",
                  "CSAFPID-281981:277437",
                  "CSAFPID-281981:277438",
                  "CSAFPID-281981:277440",
                  "CSAFPID-281981:277441",
                  "CSAFPID-281981:277464",
                  "CSAFPID-282174:277392",
                  "CSAFPID-282174:277393",
                  "CSAFPID-282174:277437",
                  "CSAFPID-282174:277438",
                  "CSAFPID-282174:277440",
                  "CSAFPID-282174:277441",
                  "CSAFPID-282174:277464",
                  "CSAFPID-282695:277392",
                  "CSAFPID-282695:277393",
                  "CSAFPID-282695:277437",
                  "CSAFPID-282695:277438",
                  "CSAFPID-282695:277440",
                  "CSAFPID-282695:277441",
                  "CSAFPID-282695:277464",
                  "CSAFPID-284277:277392",
                  "CSAFPID-284277:277393",
                  "CSAFPID-284277:277437",
                  "CSAFPID-284277:277438",
                  "CSAFPID-284277:277440",
                  "CSAFPID-284277:277441",
                  "CSAFPID-284277:277464",
                  "CSAFPID-284314:277392",
                  "CSAFPID-284314:277393",
                  "CSAFPID-284314:277437",
                  "CSAFPID-284314:277438",
                  "CSAFPID-284314:277440",
                  "CSAFPID-284314:277441",
                  "CSAFPID-284314:277464",
               ],
            },
         ],
         title: "Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
      },
   ],
}

cisco-sa-ftd-enip-bypass-efsxd8kp

Vulnerability from csaf_cisco

Published

2021-10-27 16:00

Modified

2021-10-27 16:00

Summary

Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities

Notes

Summary

Vulnerable Products

Products Confirmed Not Vulnerable

Workarounds

There are no workarounds that address these vulnerabilities.

Fixed Software

Vulnerability Policy

Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Source

Cisco would like to thank Gregory Norton, Thuy Nguyen, and Cynthia Irvine of the Naval Postgraduate School for reporting these vulnerabilities.

Legal Disclaimer

JSON

To clipboard

{
   document: {
      acknowledgments: [
         {
            summary: "Cisco would like to thank Gregory Norton, Thuy Nguyen, and Cynthia Irvine of the Naval Postgraduate School for reporting these vulnerabilities.",
         },
      ],
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      notes: [
         {
            category: "summary",
            text: "Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\r\n\r\nThese vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.\r\n\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.\r\n\r\n\r\n\r\nThis advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773\"].",
            title: "Summary",
         },
         {
            category: "general",
            text: "At the time of publication, these vulnerabilities affected Cisco FTD Software if it was configured to detect and block ENIP traffic.\r\n\r\nFor information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software [\"#fs\"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.",
            title: "Vulnerable Products",
         },
         {
            category: "general",
            text: "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by these vulnerabilities.\r\n\r\nCisco has confirmed that these vulnerabilities do not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Management Center (FMC) Software.",
            title: "Products Confirmed Not Vulnerable",
         },
         {
            category: "general",
            text: "There are no workarounds that address these vulnerabilities.",
            title: "Workarounds",
         },
         {
            category: "general",
            text: "When considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n      Fixed Releases\r\nAt the time of publication, the release information in the following table(s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.\r\n\r\nThe left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerabilities described in this advisory and which release included the fix for these vulnerabilities.\r\n\r\nFTD Software\r\n                                Cisco FTD Software Release              First Fixed Release for These Vulnerabilities                                              6.2.2 and earlier1              Migrate to a fixed release.                                  6.2.3              Migrate to a fixed release.                                  6.3.01              Migrate to a fixed release.                                  6.4.0              6.4.0.13 (Nov 2021)                                  6.5.01              Migrate to a fixed release.                                  6.6.0              6.6.5.1 (Nov 2021)                                  6.7.0              6.7.0.3 (Jan 2022)                                  7.0.0              7.0.1\r\n1. Cisco FMC and FTD Software releases 6.2.2 and earlier, as well as releases 6.3.0 and 6.5.0, have reached end of software maintenance [\"https://www.cisco.com/c/en/us/products/eos-eol-listing.html\"]. Customers are advised to migrate to a supported release that includes the fix for these vulnerabilities.\r\nFor instructions on upgrading your FTD device, see Cisco Firepower Management Center Upgrade Guide [\"https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide/getting_started.html\"].\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.",
            title: "Fixed Software",
         },
         {
            category: "general",
            text: "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
            title: "Vulnerability Policy",
         },
         {
            category: "general",
            text: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            title: "Exploitation and Public Announcements",
         },
         {
            category: "general",
            text: "Cisco would like to thank Gregory Norton, Thuy Nguyen, and Cynthia Irvine of the Naval Postgraduate School for reporting these vulnerabilities.",
            title: "Source",
         },
         {
            category: "legal_disclaimer",
            text: "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
            title: "Legal Disclaimer",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "psirt@cisco.com",
         issuing_authority: "Cisco PSIRT",
         name: "Cisco",
         namespace: "https://wwww.cisco.com",
      },
      references: [
         {
            category: "self",
            summary: "Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
            url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP",
         },
         {
            category: "external",
            summary: "Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication",
            url: "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773",
         },
         {
            category: "external",
            summary: "Cisco Security Vulnerability Policy",
            url: "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html",
         },
         {
            category: "external",
            summary: "considering software upgrades",
            url: "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes",
         },
         {
            category: "external",
            summary: "Cisco&nbsp;Security Advisories page",
            url: "https://www.cisco.com/go/psirt",
         },
         {
            category: "external",
            summary: "end of software maintenance",
            url: "https://www.cisco.com/c/en/us/products/eos-eol-listing.html",
         },
         {
            category: "external",
            summary: "Cisco&nbsp;Firepower Management Center Upgrade Guide",
            url: "https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide/getting_started.html",
         },
      ],
      title: "Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
      tracking: {
         current_release_date: "2021-10-27T16:00:00+00:00",
         generator: {
            date: "2024-05-10T23:10:42+00:00",
            engine: {
               name: "TVCE",
            },
         },
         id: "cisco-sa-ftd-enip-bypass-eFsxd8KP",
         initial_release_date: "2021-10-27T16:00:00+00:00",
         revision_history: [
            {
               date: "2021-10-27T15:39:38+00:00",
               number: "1.0.0",
               summary: "Initial public release.",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        branches: [
                           {
                              category: "service_pack",
                              name: "6.6.1",
                              product: {
                                 name: "6.6.1",
                                 product_id: "CSAFPID-280013",
                              },
                           },
                           {
                              category: "service_pack",
                              name: "6.6.3",
                              product: {
                                 name: "6.6.3",
                                 product_id: "CSAFPID-281981",
                              },
                           },
                           {
                              category: "service_pack",
                              name: "6.6.4",
                              product: {
                                 name: "6.6.4",
                                 product_id: "CSAFPID-282174",
                              },
                           },
                           {
                              category: "service_pack",
                              name: "6.6.5",
                              product: {
                                 name: "6.6.5",
                                 product_id: "CSAFPID-284314",
                              },
                           },
                        ],
                        category: "product_version",
                        name: "6.6",
                     },
                     {
                        branches: [
                           {
                              category: "service_pack",
                              name: "7.0.0",
                              product: {
                                 name: "7.0.0",
                                 product_id: "CSAFPID-282695",
                              },
                           },
                           {
                              category: "service_pack",
                              name: "7.0.0.1",
                              product: {
                                 name: "7.0.0.1",
                                 product_id: "CSAFPID-284277",
                              },
                           },
                        ],
                        category: "product_version",
                        name: "7.0",
                     },
                  ],
                  category: "product_family",
                  name: "Cisco Firepower Threat Defense Software",
               },
               {
                  category: "product_name",
                  name: "Cisco Firepower 2100 Series",
                  product: {
                     name: "Cisco Firepower 2100 Series",
                     product_id: "CSAFPID-277392",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco Firepower 1000 Series",
                  product: {
                     name: "Cisco Firepower 1000 Series",
                     product_id: "CSAFPID-277393",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco ASA 5500-X Series Firewalls",
                  product: {
                     name: "Cisco ASA 5500-X Series Firewalls",
                     product_id: "CSAFPID-277437",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco 3000 Series Industrial Security Appliances (ISA)",
                  product: {
                     name: "Cisco 3000 Series Industrial Security Appliances (ISA)",
                     product_id: "CSAFPID-277438",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco Firepower 9000 Series",
                  product: {
                     name: "Cisco Firepower 9000 Series",
                     product_id: "CSAFPID-277440",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco Firepower 4100 Series",
                  product: {
                     name: "Cisco Firepower 4100 Series",
                     product_id: "CSAFPID-277441",
                  },
               },
               {
                  category: "product_name",
                  name: "Cisco Secure Firewall Threat Defense Virtual",
                  product: {
                     name: "Cisco Secure Firewall Threat Defense Virtual",
                     product_id: "CSAFPID-277464",
                  },
               },
            ],
            category: "vendor",
            name: "Cisco",
         },
      ],
      relationships: [
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-280013:277392",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-280013:277393",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-280013:277437",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-280013:277438",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-280013:277440",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-280013:277441",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.1 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-280013:277464",
            },
            product_reference: "CSAFPID-280013",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-281981:277392",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-281981:277393",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-281981:277437",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-281981:277438",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-281981:277440",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-281981:277441",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.3 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-281981:277464",
            },
            product_reference: "CSAFPID-281981",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-282174:277392",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-282174:277393",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-282174:277437",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-282174:277438",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-282174:277440",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-282174:277441",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.4 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-282174:277464",
            },
            product_reference: "CSAFPID-282174",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-284314:277392",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-284314:277393",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-284314:277437",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-284314:277438",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-284314:277440",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-284314:277441",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 6.6.5 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-284314:277464",
            },
            product_reference: "CSAFPID-284314",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-282695:277392",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-282695:277393",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-282695:277437",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-282695:277438",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-282695:277440",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-282695:277441",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-282695:277464",
            },
            product_reference: "CSAFPID-282695",
            relates_to_product_reference: "CSAFPID-277464",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Firepower 2100 Series",
               product_id: "CSAFPID-284277:277392",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277392",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Firepower 1000 Series",
               product_id: "CSAFPID-284277:277393",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277393",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco ASA 5500-X Series Firewalls",
               product_id: "CSAFPID-284277:277437",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277437",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco 3000 Series Industrial Security Appliances (ISA)",
               product_id: "CSAFPID-284277:277438",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277438",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Firepower 9000 Series",
               product_id: "CSAFPID-284277:277440",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277440",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Firepower 4100 Series",
               product_id: "CSAFPID-284277:277441",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277441",
         },
         {
            category: "installed_on",
            full_product_name: {
               name: "Cisco Firepower Threat Defense Software 7.0.0.1 when installed on Cisco Secure Firewall Threat Defense Virtual",
               product_id: "CSAFPID-284277:277464",
            },
            product_reference: "CSAFPID-284277",
            relates_to_product_reference: "CSAFPID-277464",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2021-34753",
         ids: [
            {
               system_name: "Cisco Bug ID",
               text: "CSCvy02240",
            },
         ],
         notes: [
            {
               category: "other",
               text: "Complete.",
               title: "Affected Product Comprehensiveness",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-280013:277392",
               "CSAFPID-280013:277393",
               "CSAFPID-280013:277437",
               "CSAFPID-280013:277438",
               "CSAFPID-280013:277440",
               "CSAFPID-280013:277441",
               "CSAFPID-280013:277464",
               "CSAFPID-281981:277392",
               "CSAFPID-281981:277393",
               "CSAFPID-281981:277437",
               "CSAFPID-281981:277438",
               "CSAFPID-281981:277440",
               "CSAFPID-281981:277441",
               "CSAFPID-281981:277464",
               "CSAFPID-282174:277392",
               "CSAFPID-282174:277393",
               "CSAFPID-282174:277437",
               "CSAFPID-282174:277438",
               "CSAFPID-282174:277440",
               "CSAFPID-282174:277441",
               "CSAFPID-282174:277464",
               "CSAFPID-282695:277392",
               "CSAFPID-282695:277393",
               "CSAFPID-282695:277437",
               "CSAFPID-282695:277438",
               "CSAFPID-282695:277440",
               "CSAFPID-282695:277441",
               "CSAFPID-282695:277464",
               "CSAFPID-284277:277392",
               "CSAFPID-284277:277393",
               "CSAFPID-284277:277437",
               "CSAFPID-284277:277438",
               "CSAFPID-284277:277440",
               "CSAFPID-284277:277441",
               "CSAFPID-284277:277464",
               "CSAFPID-284314:277392",
               "CSAFPID-284314:277393",
               "CSAFPID-284314:277437",
               "CSAFPID-284314:277438",
               "CSAFPID-284314:277440",
               "CSAFPID-284314:277441",
               "CSAFPID-284314:277464",
            ],
         },
         release_date: "2021-10-27T16:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               details: "Cisco has released software updates that address this vulnerability.",
               product_ids: [
                  "CSAFPID-280013:277392",
                  "CSAFPID-280013:277393",
                  "CSAFPID-280013:277437",
                  "CSAFPID-280013:277438",
                  "CSAFPID-280013:277440",
                  "CSAFPID-280013:277441",
                  "CSAFPID-280013:277464",
                  "CSAFPID-281981:277392",
                  "CSAFPID-281981:277393",
                  "CSAFPID-281981:277437",
                  "CSAFPID-281981:277438",
                  "CSAFPID-281981:277440",
                  "CSAFPID-281981:277441",
                  "CSAFPID-281981:277464",
                  "CSAFPID-282174:277392",
                  "CSAFPID-282174:277393",
                  "CSAFPID-282174:277437",
                  "CSAFPID-282174:277438",
                  "CSAFPID-282174:277440",
                  "CSAFPID-282174:277441",
                  "CSAFPID-282174:277464",
                  "CSAFPID-282695:277392",
                  "CSAFPID-282695:277393",
                  "CSAFPID-282695:277437",
                  "CSAFPID-282695:277438",
                  "CSAFPID-282695:277440",
                  "CSAFPID-282695:277441",
                  "CSAFPID-282695:277464",
                  "CSAFPID-284277:277392",
                  "CSAFPID-284277:277393",
                  "CSAFPID-284277:277437",
                  "CSAFPID-284277:277438",
                  "CSAFPID-284277:277440",
                  "CSAFPID-284277:277441",
                  "CSAFPID-284277:277464",
                  "CSAFPID-284314:277392",
                  "CSAFPID-284314:277393",
                  "CSAFPID-284314:277437",
                  "CSAFPID-284314:277438",
                  "CSAFPID-284314:277440",
                  "CSAFPID-284314:277441",
                  "CSAFPID-284314:277464",
               ],
               url: "https://software.cisco.com",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-280013:277392",
                  "CSAFPID-280013:277393",
                  "CSAFPID-280013:277437",
                  "CSAFPID-280013:277438",
                  "CSAFPID-280013:277440",
                  "CSAFPID-280013:277441",
                  "CSAFPID-280013:277464",
                  "CSAFPID-281981:277392",
                  "CSAFPID-281981:277393",
                  "CSAFPID-281981:277437",
                  "CSAFPID-281981:277438",
                  "CSAFPID-281981:277440",
                  "CSAFPID-281981:277441",
                  "CSAFPID-281981:277464",
                  "CSAFPID-282174:277392",
                  "CSAFPID-282174:277393",
                  "CSAFPID-282174:277437",
                  "CSAFPID-282174:277438",
                  "CSAFPID-282174:277440",
                  "CSAFPID-282174:277441",
                  "CSAFPID-282174:277464",
                  "CSAFPID-282695:277392",
                  "CSAFPID-282695:277393",
                  "CSAFPID-282695:277437",
                  "CSAFPID-282695:277438",
                  "CSAFPID-282695:277440",
                  "CSAFPID-282695:277441",
                  "CSAFPID-282695:277464",
                  "CSAFPID-284277:277392",
                  "CSAFPID-284277:277393",
                  "CSAFPID-284277:277437",
                  "CSAFPID-284277:277438",
                  "CSAFPID-284277:277440",
                  "CSAFPID-284277:277441",
                  "CSAFPID-284277:277464",
                  "CSAFPID-284314:277392",
                  "CSAFPID-284314:277393",
                  "CSAFPID-284314:277437",
                  "CSAFPID-284314:277438",
                  "CSAFPID-284314:277440",
                  "CSAFPID-284314:277441",
                  "CSAFPID-284314:277464",
               ],
            },
         ],
         title: "Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
      },
      {
         cve: "CVE-2021-34754",
         ids: [
            {
               system_name: "Cisco Bug ID",
               text: "CSCvy02240",
            },
         ],
         notes: [
            {
               category: "other",
               text: "Complete.",
               title: "Affected Product Comprehensiveness",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-280013:277392",
               "CSAFPID-280013:277393",
               "CSAFPID-280013:277437",
               "CSAFPID-280013:277438",
               "CSAFPID-280013:277440",
               "CSAFPID-280013:277441",
               "CSAFPID-280013:277464",
               "CSAFPID-281981:277392",
               "CSAFPID-281981:277393",
               "CSAFPID-281981:277437",
               "CSAFPID-281981:277438",
               "CSAFPID-281981:277440",
               "CSAFPID-281981:277441",
               "CSAFPID-281981:277464",
               "CSAFPID-282174:277392",
               "CSAFPID-282174:277393",
               "CSAFPID-282174:277437",
               "CSAFPID-282174:277438",
               "CSAFPID-282174:277440",
               "CSAFPID-282174:277441",
               "CSAFPID-282174:277464",
               "CSAFPID-282695:277392",
               "CSAFPID-282695:277393",
               "CSAFPID-282695:277437",
               "CSAFPID-282695:277438",
               "CSAFPID-282695:277440",
               "CSAFPID-282695:277441",
               "CSAFPID-282695:277464",
               "CSAFPID-284277:277392",
               "CSAFPID-284277:277393",
               "CSAFPID-284277:277437",
               "CSAFPID-284277:277438",
               "CSAFPID-284277:277440",
               "CSAFPID-284277:277441",
               "CSAFPID-284277:277464",
               "CSAFPID-284314:277392",
               "CSAFPID-284314:277393",
               "CSAFPID-284314:277437",
               "CSAFPID-284314:277438",
               "CSAFPID-284314:277440",
               "CSAFPID-284314:277441",
               "CSAFPID-284314:277464",
            ],
         },
         release_date: "2021-10-27T16:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               details: "Cisco has released software updates that address this vulnerability.",
               product_ids: [
                  "CSAFPID-280013:277392",
                  "CSAFPID-280013:277393",
                  "CSAFPID-280013:277437",
                  "CSAFPID-280013:277438",
                  "CSAFPID-280013:277440",
                  "CSAFPID-280013:277441",
                  "CSAFPID-280013:277464",
                  "CSAFPID-281981:277392",
                  "CSAFPID-281981:277393",
                  "CSAFPID-281981:277437",
                  "CSAFPID-281981:277438",
                  "CSAFPID-281981:277440",
                  "CSAFPID-281981:277441",
                  "CSAFPID-281981:277464",
                  "CSAFPID-282174:277392",
                  "CSAFPID-282174:277393",
                  "CSAFPID-282174:277437",
                  "CSAFPID-282174:277438",
                  "CSAFPID-282174:277440",
                  "CSAFPID-282174:277441",
                  "CSAFPID-282174:277464",
                  "CSAFPID-282695:277392",
                  "CSAFPID-282695:277393",
                  "CSAFPID-282695:277437",
                  "CSAFPID-282695:277438",
                  "CSAFPID-282695:277440",
                  "CSAFPID-282695:277441",
                  "CSAFPID-282695:277464",
                  "CSAFPID-284277:277392",
                  "CSAFPID-284277:277393",
                  "CSAFPID-284277:277437",
                  "CSAFPID-284277:277438",
                  "CSAFPID-284277:277440",
                  "CSAFPID-284277:277441",
                  "CSAFPID-284277:277464",
                  "CSAFPID-284314:277392",
                  "CSAFPID-284314:277393",
                  "CSAFPID-284314:277437",
                  "CSAFPID-284314:277438",
                  "CSAFPID-284314:277440",
                  "CSAFPID-284314:277441",
                  "CSAFPID-284314:277464",
               ],
               url: "https://software.cisco.com",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-280013:277392",
                  "CSAFPID-280013:277393",
                  "CSAFPID-280013:277437",
                  "CSAFPID-280013:277438",
                  "CSAFPID-280013:277440",
                  "CSAFPID-280013:277441",
                  "CSAFPID-280013:277464",
                  "CSAFPID-281981:277392",
                  "CSAFPID-281981:277393",
                  "CSAFPID-281981:277437",
                  "CSAFPID-281981:277438",
                  "CSAFPID-281981:277440",
                  "CSAFPID-281981:277441",
                  "CSAFPID-281981:277464",
                  "CSAFPID-282174:277392",
                  "CSAFPID-282174:277393",
                  "CSAFPID-282174:277437",
                  "CSAFPID-282174:277438",
                  "CSAFPID-282174:277440",
                  "CSAFPID-282174:277441",
                  "CSAFPID-282174:277464",
                  "CSAFPID-282695:277392",
                  "CSAFPID-282695:277393",
                  "CSAFPID-282695:277437",
                  "CSAFPID-282695:277438",
                  "CSAFPID-282695:277440",
                  "CSAFPID-282695:277441",
                  "CSAFPID-282695:277464",
                  "CSAFPID-284277:277392",
                  "CSAFPID-284277:277393",
                  "CSAFPID-284277:277437",
                  "CSAFPID-284277:277438",
                  "CSAFPID-284277:277440",
                  "CSAFPID-284277:277441",
                  "CSAFPID-284277:277464",
                  "CSAFPID-284314:277392",
                  "CSAFPID-284314:277393",
                  "CSAFPID-284314:277437",
                  "CSAFPID-284314:277438",
                  "CSAFPID-284314:277440",
                  "CSAFPID-284314:277441",
                  "CSAFPID-284314:277464",
               ],
            },
         ],
         title: "Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities",
      },
   ],
}

ghsa-4383-m935-j5wh

Vulnerability from github

Published

2024-11-15 18:30

Modified

2024-11-15 18:30

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Details

This vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2021-34753",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-284",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2024-11-15T17:15:10Z",
      severity: "MODERATE",
   },
   details: "A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\n\nThis vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.",
   id: "GHSA-4383-m935-j5wh",
   modified: "2024-11-15T18:30:51Z",
   published: "2024-11-15T18:30:51Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2021-34753",
      },
      {
         type: "WEB",
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
         type: "CVSS_V3",
      },
   ],
}

fkie_cve-2021-34753

Vulnerability from fkie_nvd

Published

2024-11-15 17:15

Modified

2024-11-18 17:11

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

References

▼	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\r\n\r\nThis vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la inspección de payload del tráfico del Protocolo industrial Ethernet (ENIP) para el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado eluda las reglas configuradas para el tráfico ENIP. Esta vulnerabilidad se debe a un procesamiento incompleto durante la inspección profunda de paquetes de ENIP. Un atacante podría aprovechar esta vulnerabilidad enviando un paquete ENIP manipulado a la interfaz de destino. Una explotación exitosa podría permitir al atacante eludir las políticas de intrusión y control de acceso configuradas que deberían activarse y descartarse para el paquete ENIP.",
      },
   ],
   id: "CVE-2021-34753",
   lastModified: "2024-11-18T17:11:56.587",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
   },
   published: "2024-11-15T17:15:10.303",
   references: [
      {
         source: "psirt@cisco.com",
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Awaiting Analysis",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-284",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2021-34753

Vulnerability from cvelistv5

gsd-2021-34753

Vulnerability from gsd

cisco-sa-ftd-enip-bypass-eFsxd8KP

Vulnerability from csaf_cisco

cisco-sa-ftd-enip-bypass-efsxd8kp

Vulnerability from csaf_cisco

ghsa-4383-m935-j5wh

Vulnerability from github

fkie_cve-2021-34753

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature