{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-1494", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2020-11-13T00:00:00.000Z", "datePublished": "2024-11-15T16:21:36.666Z", "dateUpdated": "2024-11-15T21:23:12.943Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-11-15T16:21:36.666Z"}, "descriptions": [{"lang": "en", "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.\r\n The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload."}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Cisco", "product": "Cisco UTD SNORT IPS Engine Software", "versions": [{"version": "16.12.1a", "status": "affected"}, {"version": "16.12.2", "status": "affected"}, {"version": "16.12.3", "status": "affected"}, {"version": "16.12.4", "status": "affected"}, {"version": "16.6.1", "status": "affected"}, {"version": "16.6.5", "status": "affected"}, {"version": "16.6.6", "status": "affected"}, {"version": "16.6.7a", "status": "affected"}, {"version": "16.6.9", "status": "affected"}, {"version": "17.1.1", "status": "affected"}, {"version": "17.2.1r", "status": "affected"}, {"version": "17.3.1a", "status": "affected"}, {"version": "17.3.2", "status": "affected"}, {"version": "3.17.0S", "status": "affected"}, {"version": "3.17.1S", "status": "affected"}, {"version": "Fuji-16.9.2", "status": "affected"}, {"version": "Fuji-16.9.4", "status": "affected"}, {"version": "Fuji-16.9.6", "status": "affected"}, {"version": "Fuji-16.9.3", "status": "affected"}, {"version": "Fuji-16.9.7", "status": "affected"}, {"version": "Fuji-16.9.5", "status": "affected"}, {"version": "Denali-16.3.3", "status": "affected"}, {"version": "Denali-16.3.9", "status": "affected"}, {"version": "Denali-16.3.7", "status": "affected"}, {"version": "Denali-16.3.5", "status": "affected"}, {"version": "Denali-16.3.4", "status": "affected"}, {"version": "Everest-16.6.3", "status": "affected"}, {"version": "Everest-16.6.4", "status": "affected"}, {"version": "Everest-16.6.2", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Protection Mechanism Failure", "type": "cwe", "cweId": "CWE-693"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc", "name": "cisco-sa-http-fp-bp-KfDdcQhc"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "baseScore": 5.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "source": {"advisory": "cisco-sa-http-fp-bp-KfDdcQhc", "discovery": "INTERNAL", "defects": ["CSCvv70864", "CSCvw26645"]}}, "adp": [{"affected": [{"vendor": "cisco", "product": "firepower_threat_defense_software", "cpes": ["cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "6.4.0.12", "versionType": "custom"}, {"version": "6.5.0", "status": "affected", "lessThan": "6.6.4", "versionType": "custom"}, {"version": "6.7.0", "status": "affected", "lessThan": "6.7.0.2", "versionType": "custom"}]}, {"vendor": "cisco", "product": "utd_snort_ips_engine_software", "cpes": ["cpe:2.3:a:cisco:utd_snort_ips_engine_software:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "16.12.5", "versionType": "custom"}, {"version": "17.1", "status": "affected", "lessThan": "17.3.3", "versionType": "custom"}, {"version": "17.4", "status": "affected", "lessThan": "17.4.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-15T18:00:00.391599Z", "id": "CVE-2021-1494", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T21:23:12.943Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-1494", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-15T18:00:00.391599Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "firepower_threat_defense_software", "versions": [{"status": "affected", "version": "0", "lessThan": "6.4.0.12", "versionType": "custom"}, {"status": "affected", "version": "6.5.0", "lessThan": "6.6.4", "versionType": "custom"}, {"status": "affected", "version": "6.7.0", "lessThan": "6.7.0.2", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:cisco:utd_snort_ips_engine_software:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "utd_snort_ips_engine_software", "versions": [{"status": "affected", "version": "0", "lessThan": "16.12.5", "versionType": "custom"}, {"status": "affected", "version": "17.1", "lessThan": "17.3.3", "versionType": "custom"}, {"status": "affected", "version": "17.4", "lessThan": "17.4.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T21:23:06.575Z"}}], "cna": {"source": {"defects": ["CSCvv70864", "CSCvw26645"], "advisory": "cisco-sa-http-fp-bp-KfDdcQhc", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"status": "affected", "version": "N/A"}]}, {"vendor": "Cisco", "product": "Cisco UTD SNORT IPS Engine Software", "versions": [{"status": "affected", "version": "16.12.1a"}, {"status": "affected", "version": "16.12.2"}, {"status": "affected", "version": "16.12.3"}, {"status": "affected", "version": "16.12.4"}, {"status": "affected", "version": "16.6.1"}, {"status": "affected", "version": "16.6.5"}, {"status": "affected", "version": "16.6.6"}, {"status": "affected", "version": "16.6.7a"}, {"status": "affected", "version": "16.6.9"}, {"status": "affected", "version": "17.1.1"}, {"status": "affected", "version": "17.2.1r"}, {"status": "affected", "version": "17.3.1a"}, {"status": "affected", "version": "17.3.2"}, {"status": "affected", "version": "3.17.0S"}, {"status": "affected", "version": "3.17.1S"}, {"status": "affected", "version": "Fuji-16.9.2"}, {"status": "affected", "version": "Fuji-16.9.4"}, {"status": "affected", "version": "Fuji-16.9.6"}, {"status": "affected", "version": "Fuji-16.9.3"}, {"status": "affected", "version": "Fuji-16.9.7"}, {"status": "affected", "version": "Fuji-16.9.5"}, {"status": "affected", "version": "Denali-16.3.3"}, {"status": "affected", "version": "Denali-16.3.9"}, {"status": "affected", "version": "Denali-16.3.7"}, {"status": "affected", "version": "Denali-16.3.5"}, {"status": "affected", "version": "Denali-16.3.4"}, {"status": "affected", "version": "Everest-16.6.3"}, {"status": "affected", "version": "Everest-16.6.4"}, {"status": "affected", "version": "Everest-16.6.2"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc", "name": "cisco-sa-http-fp-bp-KfDdcQhc"}], "descriptions": [{"lang": "en", "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.\r\n The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-693", "description": "Protection Mechanism Failure"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-11-15T16:21:36.666Z"}}}, "cveMetadata": {"cveId": "CVE-2021-1494", "state": "PUBLISHED", "dateUpdated": "2024-11-15T21:23:12.943Z", "dateReserved": "2020-11-13T00:00:00.000Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-11-15T16:21:36.666Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.\r\n The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload."}, {"lang": "es", "value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de detecci\u00f3n Snort que podr\u00eda permitir que un atacante remoto no autenticado eluda una pol\u00edtica de archivos configurada para HTTP. La vulnerabilidad se debe a un manejo incorrecto de par\u00e1metros de encabezado HTTP espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes HTTP manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir una pol\u00edtica de archivos configurada para paquetes HTTP y entregar una carga maliciosa."}], "id": "CVE-2021-1494", "lastModified": "2024-11-18T17:11:56.587", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "ykramarz@cisco.com", "type": "Primary"}]}, "published": "2024-11-15T17:15:09.423", "references": [{"source": "ykramarz@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-693"}], "source": "ykramarz@cisco.com", "type": "Primary"}]}

{}