Vulnerability Description
Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xe | < 17.4.1 |
| Cisco | 1100-4P Integrated Services Router | - |
| Cisco | 1100-8P Integrated Services Router | - |
| Cisco | 1101-4P Integrated Services Router | - |
| Cisco | 1109-2P Integrated Services Router | - |
| Cisco | 1109-4P Integrated Services Router | - |
| Cisco | 1111X-8P Integrated Services Router | - |
| Cisco | 4221 Integrated Services Router | - |
| Cisco | 4321 Integrated Services Router | - |
| Cisco | 4331 Integrated Services Router | - |
| Cisco | 4351 Integrated Services Router | - |
| Cisco | 4431 Integrated Services Router | - |
| Cisco | 4451-X Integrated Services Router | - |
| Cisco | 4461 Integrated Services Router | - |
| Cisco | Csr 1000V | - |
| Cisco | Isa 3000 | - |
| Cisco | Firepower Threat Defense | < 6.5.0.5 |
| Cisco | Secure Firewall Management Center | 2.9.14.0 |
| Snort | Snort | < 2.9.14 |
Related Weaknesses (CWE)
References
- https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sVendor Advisory
- https://www.debian.org/security/2023/dsa-5354
- https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sVendor Advisory
- https://www.debian.org/security/2023/dsa-5354
FAQ
What is CVE-2021-1236?
CVE-2021-1236 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected ...
How severe is CVE-2021-1236?
CVE-2021-1236 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1236?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xe, Cisco 1100-4P Integrated Services Router, Cisco 1100-8P Integrated Services Router, Cisco 1101-4P Integrated Services Router, Cisco 1109-2P Integrated Services Router.