| Title | 複数の Cisco 製品における常に不適切な制御フローの実装に関する脆弱性 |
|---|---|
| Summary | 複数の Cisco 製品には、常に不適切な制御フローの実装に関する脆弱性が存在します。 |
| Possible impacts | 情報を改ざんされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Jan. 13, 2021, midnight |
| Registration Date | Sept. 22, 2021, 5:52 p.m. |
| Last Update | Sept. 22, 2021, 5:52 p.m. |
| CVSS3.0 : 警告 | |
| Score | 5.3 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
| CVSS2.0 : 警告 | |
| Score | 5 |
|---|---|
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| シスコシステムズ |
| Cisco FirePOWER Management Center |
| Cisco Firepower Threat Defense ソフトウェア |
| Cisco IOS XE |
| Snort.org |
| Snort |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2021年09月22日] 掲載 |
Sept. 22, 2021, 5:52 p.m. |
| Summary | Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. |
|---|---|
| Publication Date | Jan. 14, 2021, 7:15 a.m. |
| Registration Date | Jan. 26, 2021, 10:40 a.m. |
| Last Update | Nov. 21, 2024, 2:43 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:* | 17.4.1 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 2 | cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 3 | cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 4 | cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 5 | cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 6 | cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 7 | cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 8 | cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 9 | cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 10 | cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 11 | cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 12 | cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 13 | cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:* | ||||
| 14 | cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:* | ||||
| 15 | cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:a:cisco:firepower_management_center:2.9.14.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:firepower_management_center:2.9.15:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:firepower_management_center:2.9.16:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:firepower_management_center:2.9.17:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:firepower_management_center:2.9.14.14:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* | 6.5.0.5 | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:* | 2.9.14 | ||||