Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for unified_threat_defense by cisco

    CVE-2023-20071 (GCVE-0-2023-20071)

    Vulnerability from nvd – Published: 2023-11-01 17:07 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.
    CWE
    • CWE-1039 - Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Firepower Threat Defense Software Affected: 6.2.3
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.2.3.6
    Affected: 6.2.3.7
    Affected: 6.2.3.8
    Affected: 6.2.3.10
    Affected: 6.2.3.11
    Affected: 6.2.3.9
    Affected: 6.2.3.12
    Affected: 6.2.3.13
    Affected: 6.2.3.14
    Affected: 6.2.3.15
    Affected: 6.2.3.16
    Affected: 6.2.3.17
    Affected: 6.2.3.18
    Affected: 6.6.0
    Affected: 6.6.0.1
    Affected: 6.6.1
    Affected: 6.6.3
    Affected: 6.6.4
    Affected: 6.6.5
    Affected: 6.6.5.1
    Affected: 6.6.5.2
    Affected: 6.6.7
    Affected: 6.6.7.1
    Affected: 6.4.0
    Affected: 6.4.0.1
    Affected: 6.4.0.3
    Affected: 6.4.0.2
    Affected: 6.4.0.4
    Affected: 6.4.0.5
    Affected: 6.4.0.6
    Affected: 6.4.0.7
    Affected: 6.4.0.8
    Affected: 6.4.0.9
    Affected: 6.4.0.10
    Affected: 6.4.0.11
    Affected: 6.4.0.12
    Affected: 6.4.0.13
    Affected: 6.4.0.14
    Affected: 6.4.0.15
    Affected: 6.4.0.16
    Affected: 6.7.0
    Affected: 6.7.0.1
    Affected: 6.7.0.2
    Affected: 6.7.0.3
    Affected: 7.0.0
    Affected: 7.0.0.1
    Affected: 7.0.1
    Affected: 7.0.1.1
    Affected: 7.0.2
    Affected: 7.0.2.1
    Affected: 7.0.3
    Affected: 7.0.4
    Affected: 7.0.5
    Affected: 7.1.0
    Affected: 7.1.0.1
    Affected: 7.1.0.2
    Affected: 7.1.0.3
    Affected: 7.2.0
    Affected: 7.2.0.1
    Affected: 7.2.1
    Affected: 7.2.2
    Affected: 7.2.3
    Affected: 7.3.0
    Affected: 7.3.1
    Affected: 7.3.1.1
    Create a notification for this product.
    Cisco Cisco Umbrella Insights Virtual Appliance Affected: N/A
    Create a notification for this product.
    Cisco Cisco Cyber Vision Affected: 3.0.4
    Affected: 3.0.0
    Affected: 3.0.1
    Affected: 3.0.2
    Affected: 3.0.3
    Affected: 3.0.5
    Affected: 3.0.6
    Affected: 3.1.0
    Affected: 3.1.2
    Affected: 3.1.1
    Affected: 3.2.3
    Affected: 3.2.1
    Affected: 3.2.4
    Affected: 3.2.0
    Affected: 3.2.2
    Affected: 4.0.0
    Affected: 4.0.1
    Affected: 4.0.2
    Affected: 4.0.3
    Affected: 4.1.0
    Affected: 4.1.1
    Affected: 4.1.2
    Create a notification for this product.
    Cisco Cisco UTD SNORT IPS Engine Software Affected: 16.12.1a
    Affected: 16.12.2
    Affected: 16.12.3
    Affected: 16.12.4
    Affected: 16.12.5
    Affected: 16.12.6
    Affected: 16.12.7
    Affected: 16.12.8
    Affected: 16.6.1
    Affected: 16.6.5
    Affected: 16.6.6
    Affected: 16.6.7a
    Affected: 16.6.9
    Affected: 16.6.10
    Affected: 17.1.1
    Affected: 17.2.1r
    Affected: 17.3.1a
    Affected: 17.3.2
    Affected: 17.3.3
    Affected: 17.3.4a
    Affected: 17.3.6
    Affected: 17.3.5
    Affected: 17.3.7
    Affected: 3.17.0S
    Affected: 3.17.1S
    Affected: 17.4.1a
    Affected: 17.4.2
    Affected: 17.4.1b
    Affected: 17.5.1a
    Affected: 17.6.1a
    Affected: 17.6.2
    Affected: 17.6.3a
    Affected: 17.6.4
    Affected: 17.6.5
    Affected: 17.7.1a
    Affected: 17.7.2
    Affected: 17.10.1a
    Affected: 17.9.1a
    Affected: 17.9.2a
    Affected: 17.9.3a
    Affected: 17.8.1a
    Affected: Fuji-16.9.2
    Affected: Fuji-16.9.4
    Affected: Fuji-16.9.6
    Affected: Fuji-16.9.3
    Affected: Fuji-16.9.7
    Affected: Fuji-16.9.8
    Affected: Fuji-16.9.5
    Affected: Denali-16.3.3
    Affected: Denali-16.3.9
    Affected: Denali-16.3.7
    Affected: Denali-16.3.5
    Affected: Denali-16.3.4
    Affected: Everest-16.6.3
    Affected: Everest-16.6.4
    Affected: Everest-16.6.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.845Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-snort-ftd-zXYtnjOM",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Firepower Threat Defense Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.7"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.8"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.10"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.11"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.12"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.13"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.14"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.15"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.16"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.17"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.18"
                },
                {
                  "status": "affected",
                  "version": "6.6.0"
                },
                {
                  "status": "affected",
                  "version": "6.6.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.6.1"
                },
                {
                  "status": "affected",
                  "version": "6.6.3"
                },
                {
                  "status": "affected",
                  "version": "6.6.4"
                },
                {
                  "status": "affected",
                  "version": "6.6.5"
                },
                {
                  "status": "affected",
                  "version": "6.6.5.1"
                },
                {
                  "status": "affected",
                  "version": "6.6.5.2"
                },
                {
                  "status": "affected",
                  "version": "6.6.7"
                },
                {
                  "status": "affected",
                  "version": "6.6.7.1"
                },
                {
                  "status": "affected",
                  "version": "6.4.0"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.8"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.9"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.10"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.11"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.12"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.13"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.14"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.15"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.16"
                },
                {
                  "status": "affected",
                  "version": "6.7.0"
                },
                {
                  "status": "affected",
                  "version": "6.7.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.7.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.7.0.3"
                },
                {
                  "status": "affected",
                  "version": "7.0.0"
                },
                {
                  "status": "affected",
                  "version": "7.0.0.1"
                },
                {
                  "status": "affected",
                  "version": "7.0.1"
                },
                {
                  "status": "affected",
                  "version": "7.0.1.1"
                },
                {
                  "status": "affected",
                  "version": "7.0.2"
                },
                {
                  "status": "affected",
                  "version": "7.0.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.0.3"
                },
                {
                  "status": "affected",
                  "version": "7.0.4"
                },
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "7.1.0"
                },
                {
                  "status": "affected",
                  "version": "7.1.0.1"
                },
                {
                  "status": "affected",
                  "version": "7.1.0.2"
                },
                {
                  "status": "affected",
                  "version": "7.1.0.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.0"
                },
                {
                  "status": "affected",
                  "version": "7.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.2"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.0"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "7.3.1.1"
                }
              ]
            },
            {
              "product": "Cisco Umbrella Insights Virtual Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Cyber Vision",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.4"
                },
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.5"
                },
                {
                  "status": "affected",
                  "version": "3.0.6"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.2"
                },
                {
                  "status": "affected",
                  "version": "3.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.2.3"
                },
                {
                  "status": "affected",
                  "version": "3.2.1"
                },
                {
                  "status": "affected",
                  "version": "3.2.4"
                },
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.2"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.1"
                },
                {
                  "status": "affected",
                  "version": "4.0.2"
                },
                {
                  "status": "affected",
                  "version": "4.0.3"
                },
                {
                  "status": "affected",
                  "version": "4.1.0"
                },
                {
                  "status": "affected",
                  "version": "4.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.1.2"
                }
              ]
            },
            {
              "product": "Cisco UTD SNORT IPS Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.12.1a"
                },
                {
                  "status": "affected",
                  "version": "16.12.2"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                },
                {
                  "status": "affected",
                  "version": "16.12.6"
                },
                {
                  "status": "affected",
                  "version": "16.12.7"
                },
                {
                  "status": "affected",
                  "version": "16.12.8"
                },
                {
                  "status": "affected",
                  "version": "16.6.1"
                },
                {
                  "status": "affected",
                  "version": "16.6.5"
                },
                {
                  "status": "affected",
                  "version": "16.6.6"
                },
                {
                  "status": "affected",
                  "version": "16.6.7a"
                },
                {
                  "status": "affected",
                  "version": "16.6.9"
                },
                {
                  "status": "affected",
                  "version": "16.6.10"
                },
                {
                  "status": "affected",
                  "version": "17.1.1"
                },
                {
                  "status": "affected",
                  "version": "17.2.1r"
                },
                {
                  "status": "affected",
                  "version": "17.3.1a"
                },
                {
                  "status": "affected",
                  "version": "17.3.2"
                },
                {
                  "status": "affected",
                  "version": "17.3.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.4a"
                },
                {
                  "status": "affected",
                  "version": "17.3.6"
                },
                {
                  "status": "affected",
                  "version": "17.3.5"
                },
                {
                  "status": "affected",
                  "version": "17.3.7"
                },
                {
                  "status": "affected",
                  "version": "3.17.0S"
                },
                {
                  "status": "affected",
                  "version": "3.17.1S"
                },
                {
                  "status": "affected",
                  "version": "17.4.1a"
                },
                {
                  "status": "affected",
                  "version": "17.4.2"
                },
                {
                  "status": "affected",
                  "version": "17.4.1b"
                },
                {
                  "status": "affected",
                  "version": "17.5.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.2"
                },
                {
                  "status": "affected",
                  "version": "17.6.3a"
                },
                {
                  "status": "affected",
                  "version": "17.6.4"
                },
                {
                  "status": "affected",
                  "version": "17.6.5"
                },
                {
                  "status": "affected",
                  "version": "17.7.1a"
                },
                {
                  "status": "affected",
                  "version": "17.7.2"
                },
                {
                  "status": "affected",
                  "version": "17.10.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.2a"
                },
                {
                  "status": "affected",
                  "version": "17.9.3a"
                },
                {
                  "status": "affected",
                  "version": "17.8.1a"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.2"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.4"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.6"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.3"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.7"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.8"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.5"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.3"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.9"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.7"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.5"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.4"
                },
                {
                  "status": "affected",
                  "version": "Everest-16.6.3"
                },
                {
                  "status": "affected",
                  "version": "Everest-16.6.4"
                },
                {
                  "status": "affected",
                  "version": "Everest-16.6.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1039",
                  "description": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:41.206Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-snort-ftd-zXYtnjOM",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snort-ftd-zXYtnjOM",
            "defects": [
              "CSCwb69096",
              "CSCwd83613",
              "CSCwd09631",
              "CSCwe02137",
              "CSCwe57521"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20071",
        "datePublished": "2023-11-01T17:07:44.528Z",
        "dateReserved": "2022-10-27T18:47:50.328Z",
        "dateUpdated": "2024-08-02T08:57:35.845Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40114 (GCVE-0-2021-40114)

    Vulnerability from nvd – Published: 2021-10-27 18:56 – Updated: 2024-11-07 21:43
    VLAI
    Title
    Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability
    Summary
    Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Date Public
    2021-10-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20211027 Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU"
              },
              {
                "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
              },
              {
                "name": "DSA-5354",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5354"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-40114",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:39:43.541348Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:43:47.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Firepower Threat Defense Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-19T00:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20211027 Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU"
            },
            {
              "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
            },
            {
              "name": "DSA-5354",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2023/dsa-5354"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snort-dos-s2R7W9UU",
            "defect": [
              [
                "CSCvt57503",
                "CSCvx29001"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-40114",
        "datePublished": "2021-10-27T18:56:37.380Z",
        "dateReserved": "2021-08-25T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:43:47.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20071 (GCVE-0-2023-20071)

    Vulnerability from cvelistv5 – Published: 2023-11-01 17:07 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.
    CWE
    • CWE-1039 - Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Firepower Threat Defense Software Affected: 6.2.3
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.2.3.6
    Affected: 6.2.3.7
    Affected: 6.2.3.8
    Affected: 6.2.3.10
    Affected: 6.2.3.11
    Affected: 6.2.3.9
    Affected: 6.2.3.12
    Affected: 6.2.3.13
    Affected: 6.2.3.14
    Affected: 6.2.3.15
    Affected: 6.2.3.16
    Affected: 6.2.3.17
    Affected: 6.2.3.18
    Affected: 6.6.0
    Affected: 6.6.0.1
    Affected: 6.6.1
    Affected: 6.6.3
    Affected: 6.6.4
    Affected: 6.6.5
    Affected: 6.6.5.1
    Affected: 6.6.5.2
    Affected: 6.6.7
    Affected: 6.6.7.1
    Affected: 6.4.0
    Affected: 6.4.0.1
    Affected: 6.4.0.3
    Affected: 6.4.0.2
    Affected: 6.4.0.4
    Affected: 6.4.0.5
    Affected: 6.4.0.6
    Affected: 6.4.0.7
    Affected: 6.4.0.8
    Affected: 6.4.0.9
    Affected: 6.4.0.10
    Affected: 6.4.0.11
    Affected: 6.4.0.12
    Affected: 6.4.0.13
    Affected: 6.4.0.14
    Affected: 6.4.0.15
    Affected: 6.4.0.16
    Affected: 6.7.0
    Affected: 6.7.0.1
    Affected: 6.7.0.2
    Affected: 6.7.0.3
    Affected: 7.0.0
    Affected: 7.0.0.1
    Affected: 7.0.1
    Affected: 7.0.1.1
    Affected: 7.0.2
    Affected: 7.0.2.1
    Affected: 7.0.3
    Affected: 7.0.4
    Affected: 7.0.5
    Affected: 7.1.0
    Affected: 7.1.0.1
    Affected: 7.1.0.2
    Affected: 7.1.0.3
    Affected: 7.2.0
    Affected: 7.2.0.1
    Affected: 7.2.1
    Affected: 7.2.2
    Affected: 7.2.3
    Affected: 7.3.0
    Affected: 7.3.1
    Affected: 7.3.1.1
    Create a notification for this product.
    Cisco Cisco Umbrella Insights Virtual Appliance Affected: N/A
    Create a notification for this product.
    Cisco Cisco Cyber Vision Affected: 3.0.4
    Affected: 3.0.0
    Affected: 3.0.1
    Affected: 3.0.2
    Affected: 3.0.3
    Affected: 3.0.5
    Affected: 3.0.6
    Affected: 3.1.0
    Affected: 3.1.2
    Affected: 3.1.1
    Affected: 3.2.3
    Affected: 3.2.1
    Affected: 3.2.4
    Affected: 3.2.0
    Affected: 3.2.2
    Affected: 4.0.0
    Affected: 4.0.1
    Affected: 4.0.2
    Affected: 4.0.3
    Affected: 4.1.0
    Affected: 4.1.1
    Affected: 4.1.2
    Create a notification for this product.
    Cisco Cisco UTD SNORT IPS Engine Software Affected: 16.12.1a
    Affected: 16.12.2
    Affected: 16.12.3
    Affected: 16.12.4
    Affected: 16.12.5
    Affected: 16.12.6
    Affected: 16.12.7
    Affected: 16.12.8
    Affected: 16.6.1
    Affected: 16.6.5
    Affected: 16.6.6
    Affected: 16.6.7a
    Affected: 16.6.9
    Affected: 16.6.10
    Affected: 17.1.1
    Affected: 17.2.1r
    Affected: 17.3.1a
    Affected: 17.3.2
    Affected: 17.3.3
    Affected: 17.3.4a
    Affected: 17.3.6
    Affected: 17.3.5
    Affected: 17.3.7
    Affected: 3.17.0S
    Affected: 3.17.1S
    Affected: 17.4.1a
    Affected: 17.4.2
    Affected: 17.4.1b
    Affected: 17.5.1a
    Affected: 17.6.1a
    Affected: 17.6.2
    Affected: 17.6.3a
    Affected: 17.6.4
    Affected: 17.6.5
    Affected: 17.7.1a
    Affected: 17.7.2
    Affected: 17.10.1a
    Affected: 17.9.1a
    Affected: 17.9.2a
    Affected: 17.9.3a
    Affected: 17.8.1a
    Affected: Fuji-16.9.2
    Affected: Fuji-16.9.4
    Affected: Fuji-16.9.6
    Affected: Fuji-16.9.3
    Affected: Fuji-16.9.7
    Affected: Fuji-16.9.8
    Affected: Fuji-16.9.5
    Affected: Denali-16.3.3
    Affected: Denali-16.3.9
    Affected: Denali-16.3.7
    Affected: Denali-16.3.5
    Affected: Denali-16.3.4
    Affected: Everest-16.6.3
    Affected: Everest-16.6.4
    Affected: Everest-16.6.2
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.845Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-snort-ftd-zXYtnjOM",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Firepower Threat Defense Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.7"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.8"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.10"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.11"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.12"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.13"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.14"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.15"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.16"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.17"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.18"
                },
                {
                  "status": "affected",
                  "version": "6.6.0"
                },
                {
                  "status": "affected",
                  "version": "6.6.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.6.1"
                },
                {
                  "status": "affected",
                  "version": "6.6.3"
                },
                {
                  "status": "affected",
                  "version": "6.6.4"
                },
                {
                  "status": "affected",
                  "version": "6.6.5"
                },
                {
                  "status": "affected",
                  "version": "6.6.5.1"
                },
                {
                  "status": "affected",
                  "version": "6.6.5.2"
                },
                {
                  "status": "affected",
                  "version": "6.6.7"
                },
                {
                  "status": "affected",
                  "version": "6.6.7.1"
                },
                {
                  "status": "affected",
                  "version": "6.4.0"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.8"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.9"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.10"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.11"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.12"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.13"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.14"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.15"
                },
                {
                  "status": "affected",
                  "version": "6.4.0.16"
                },
                {
                  "status": "affected",
                  "version": "6.7.0"
                },
                {
                  "status": "affected",
                  "version": "6.7.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.7.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.7.0.3"
                },
                {
                  "status": "affected",
                  "version": "7.0.0"
                },
                {
                  "status": "affected",
                  "version": "7.0.0.1"
                },
                {
                  "status": "affected",
                  "version": "7.0.1"
                },
                {
                  "status": "affected",
                  "version": "7.0.1.1"
                },
                {
                  "status": "affected",
                  "version": "7.0.2"
                },
                {
                  "status": "affected",
                  "version": "7.0.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.0.3"
                },
                {
                  "status": "affected",
                  "version": "7.0.4"
                },
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "7.1.0"
                },
                {
                  "status": "affected",
                  "version": "7.1.0.1"
                },
                {
                  "status": "affected",
                  "version": "7.1.0.2"
                },
                {
                  "status": "affected",
                  "version": "7.1.0.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.0"
                },
                {
                  "status": "affected",
                  "version": "7.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.2"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.0"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "7.3.1.1"
                }
              ]
            },
            {
              "product": "Cisco Umbrella Insights Virtual Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Cyber Vision",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.4"
                },
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.5"
                },
                {
                  "status": "affected",
                  "version": "3.0.6"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.2"
                },
                {
                  "status": "affected",
                  "version": "3.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.2.3"
                },
                {
                  "status": "affected",
                  "version": "3.2.1"
                },
                {
                  "status": "affected",
                  "version": "3.2.4"
                },
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.2"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.1"
                },
                {
                  "status": "affected",
                  "version": "4.0.2"
                },
                {
                  "status": "affected",
                  "version": "4.0.3"
                },
                {
                  "status": "affected",
                  "version": "4.1.0"
                },
                {
                  "status": "affected",
                  "version": "4.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.1.2"
                }
              ]
            },
            {
              "product": "Cisco UTD SNORT IPS Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.12.1a"
                },
                {
                  "status": "affected",
                  "version": "16.12.2"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                },
                {
                  "status": "affected",
                  "version": "16.12.6"
                },
                {
                  "status": "affected",
                  "version": "16.12.7"
                },
                {
                  "status": "affected",
                  "version": "16.12.8"
                },
                {
                  "status": "affected",
                  "version": "16.6.1"
                },
                {
                  "status": "affected",
                  "version": "16.6.5"
                },
                {
                  "status": "affected",
                  "version": "16.6.6"
                },
                {
                  "status": "affected",
                  "version": "16.6.7a"
                },
                {
                  "status": "affected",
                  "version": "16.6.9"
                },
                {
                  "status": "affected",
                  "version": "16.6.10"
                },
                {
                  "status": "affected",
                  "version": "17.1.1"
                },
                {
                  "status": "affected",
                  "version": "17.2.1r"
                },
                {
                  "status": "affected",
                  "version": "17.3.1a"
                },
                {
                  "status": "affected",
                  "version": "17.3.2"
                },
                {
                  "status": "affected",
                  "version": "17.3.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.4a"
                },
                {
                  "status": "affected",
                  "version": "17.3.6"
                },
                {
                  "status": "affected",
                  "version": "17.3.5"
                },
                {
                  "status": "affected",
                  "version": "17.3.7"
                },
                {
                  "status": "affected",
                  "version": "3.17.0S"
                },
                {
                  "status": "affected",
                  "version": "3.17.1S"
                },
                {
                  "status": "affected",
                  "version": "17.4.1a"
                },
                {
                  "status": "affected",
                  "version": "17.4.2"
                },
                {
                  "status": "affected",
                  "version": "17.4.1b"
                },
                {
                  "status": "affected",
                  "version": "17.5.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.2"
                },
                {
                  "status": "affected",
                  "version": "17.6.3a"
                },
                {
                  "status": "affected",
                  "version": "17.6.4"
                },
                {
                  "status": "affected",
                  "version": "17.6.5"
                },
                {
                  "status": "affected",
                  "version": "17.7.1a"
                },
                {
                  "status": "affected",
                  "version": "17.7.2"
                },
                {
                  "status": "affected",
                  "version": "17.10.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.2a"
                },
                {
                  "status": "affected",
                  "version": "17.9.3a"
                },
                {
                  "status": "affected",
                  "version": "17.8.1a"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.2"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.4"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.6"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.3"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.7"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.8"
                },
                {
                  "status": "affected",
                  "version": "Fuji-16.9.5"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.3"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.9"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.7"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.5"
                },
                {
                  "status": "affected",
                  "version": "Denali-16.3.4"
                },
                {
                  "status": "affected",
                  "version": "Everest-16.6.3"
                },
                {
                  "status": "affected",
                  "version": "Everest-16.6.4"
                },
                {
                  "status": "affected",
                  "version": "Everest-16.6.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1039",
                  "description": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:41.206Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-snort-ftd-zXYtnjOM",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snort-ftd-zXYtnjOM",
            "defects": [
              "CSCwb69096",
              "CSCwd83613",
              "CSCwd09631",
              "CSCwe02137",
              "CSCwe57521"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20071",
        "datePublished": "2023-11-01T17:07:44.528Z",
        "dateReserved": "2022-10-27T18:47:50.328Z",
        "dateUpdated": "2024-08-02T08:57:35.845Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40114 (GCVE-0-2021-40114)

    Vulnerability from cvelistv5 – Published: 2021-10-27 18:56 – Updated: 2024-11-07 21:43
    VLAI
    Title
    Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability
    Summary
    Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Date Public
    2021-10-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20211027 Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU"
              },
              {
                "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
              },
              {
                "name": "DSA-5354",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5354"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-40114",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:39:43.541348Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:43:47.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Firepower Threat Defense Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-19T00:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20211027 Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU"
            },
            {
              "name": "[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html"
            },
            {
              "name": "DSA-5354",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2023/dsa-5354"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snort-dos-s2R7W9UU",
            "defect": [
              [
                "CSCvt57503",
                "CSCvx29001"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-40114",
        "datePublished": "2021-10-27T18:56:37.380Z",
        "dateReserved": "2021-08-25T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:43:47.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }