Strix
26.1K

CVE-2021-34793

HIGHCVSS 8.6/10EPSS 0.65%

Last modified

CVE-2021-34793 is a high-severity vulnerability rated 8.6/10 on the CVSS scale. A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. EPSS estimates a 0.65% chance of exploitation in the next 30 days.

Description

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.

Metrics

CVSS 3.1
8.6/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Probability
0.65%

46.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoAdaptive Security Appliance< 9.8.4.40
CiscoFirepower Threat Defense< 6.4.0.13
CiscoFirepower Threat Defense>= 6.5.0, < 6.6.5
CiscoFirepower Threat Defense>= 6.7.0, < 6.7.0.3
CiscoAdaptive Security Appliance Software>= 9.9.0, < 9.12.4.29
CiscoAdaptive Security Appliance Software>= 9.13.0, < 9.14.3.9
CiscoAdaptive Security Appliance Software>= 9.15.0, < 9.15.1.17
CiscoAdaptive Security Appliance Software>= 9.16.0, < 9.16.2.3
CiscoAsa 5512-X Firmware009.008\(004.025\)
CiscoAsa 5505 Firmware009.008\(004.025\)
CiscoAsa 5515-X Firmware009.008\(004.025\)
CiscoAsa 5525-X Firmware009.008\(004.025\)
CiscoAsa 5545-X Firmware009.008\(004.025\)
CiscoAsa 5555-X Firmware009.008\(004.025\)
CiscoAsa 5580 Firmware009.008\(004.025\)
CiscoAsa 5585-X Firmware009.008\(004.025\)

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-34793?
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.
How severe is CVE-2021-34793?
CVE-2021-34793 has a CVSS score of 8.6/10 (HIGH severity). The EPSS model estimates a 0.65% probability of exploitation in the next 30 days.
How do I fix CVE-2021-34793?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-34793?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST