CVE-2021-34794 - OpenCVE

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Adaptive Security Appliance Software Asa 5505 Asa 5505 Firmware Asa 5512-x Asa 5512-x Firmware Asa 5515-x Asa 5515-x Firmware Asa 5525-x Asa 5525-x Firmware Asa 5545-x Asa 5545-x Firmware Asa 5555-x Asa 5555-x Firmware Asa 5580 Asa 5580 Firmware Asa 5585-x Asa 5585-x Firmware Firepower Threat Defense

Configuration 1 [-]

OR	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::

Configuration 2 [-]

AND

cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:asa_5512-x_firmware:009.014\(001\):::::::*
	cpe:2.3:o:cisco:asa_5512-x_firmware:099.015\(001.033\):::::::*
	cpe:2.3:o:cisco:asa_5512-x_firmware:099.016\(001.216\):::::::*

Configuration 3 [-]

AND

cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:asa_5505_firmware:009.014\(001\):::::::*
	cpe:2.3:o:cisco:asa_5505_firmware:099.015\(001.033\):::::::*
	cpe:2.3:o:cisco:asa_5505_firmware:099.016\(001.216\):::::::*

Configuration 4 [-]

AND

cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:asa_5515-x_firmware:009.014\(001\):::::::*
	cpe:2.3:o:cisco:asa_5515-x_firmware:099.015\(001.033\):::::::*
	cpe:2.3:o:cisco:asa_5515-x_firmware:099.016\(001.216\):::::::*

Configuration 5 [-]

AND

cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:asa_5525-x_firmware:009.014\(001\):::::::*
	cpe:2.3:o:cisco:asa_5525-x_firmware:099.015\(001.033\):::::::*
	cpe:2.3:o:cisco:asa_5525-x_firmware:099.016\(001.216\):::::::*

Configuration 6 [-]

AND

cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:asa_5545-x_firmware:009.014\(001\):::::::*
	cpe:2.3:o:cisco:asa_5545-x_firmware:099.015\(001.033\):::::::*
	cpe:2.3:o:cisco:asa_5545-x_firmware:099.016\(001.216\):::::::*

Configuration 7 [-]

AND

cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:asa_5555-x_firmware:009.014\(001\):::::::*
	cpe:2.3:o:cisco:asa_5555-x_firmware:099.015\(001.033\):::::::*
	cpe:2.3:o:cisco:asa_5555-x_firmware:099.016\(001.216\):::::::*

Configuration 8 [-]

AND

cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:asa_5580_firmware:009.014\(001\):::::::*
	cpe:2.3:o:cisco:asa_5580_firmware:099.015\(001.033\):::::::*
	cpe:2.3:o:cisco:asa_5580_firmware:099.016\(001.216\):::::::*

Configuration 9 [-]

AND

cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:asa_5585-x_firmware:009.014\(001\):::::::*
	cpe:2.3:o:cisco:asa_5585-x_firmware:099.015\(001.033\):::::::*
	cpe:2.3:o:cisco:asa_5585-x_firmware:099.016\(001.216\):::::::*

No data.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2021-10-27T18:56:31.725600Z

Updated: 2024-09-16T22:19:59.502Z

Reserved: 2021-06-15T00:00:00

Link: CVE-2021-34794

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-10-27T19:15:08.613

Modified: 2023-11-07T03:36:26.490

Link: CVE-2021-34794

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object