A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Oct 2021, 14:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-755 | |
CPE | cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.0.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.5.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.6.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.5.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.7.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.7.0.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.4.0.13:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.7.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:sourcefire_defense_center:6.6.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_management_center_virtual_appliance:6.4.0.13:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.1
v3 : 7.5 |
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r - Vendor Advisory |
27 Oct 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover. |
27 Oct 2021, 19:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-10-27 19:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-34781
Mitre link : CVE-2021-34781
CVE.ORG link : CVE-2021-34781
JSON object : View
Products Affected
cisco
- firepower_threat_defense
- firepower_management_center_virtual_appliance
- sourcefire_defense_center