Rewterz Threat Advisory – Multiple Cisco Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2021-1444 

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software are vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote attacker could exploit this vulnerability to execute script in a victim’s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2021-34752 

Cisco Firepower Threat Defense Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user-supplied command arguments in the CLI. By submitting specially crafted input to the affected commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2021-34755 

Cisco Firepower Threat Defense Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user-supplied command arguments in the CLI. By submitting specially crafted input to the affected commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2021-34756 

Cisco Firepower Threat Defense Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user-supplied command arguments in the CLI. By submitting crafted input to the affected commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2021-40116 

Cisco Firepower Threat Defense (FTD) Software is vulnerable to a denial of service, caused by improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. By sending a specially crafted IP packet, a remote attacker could exploit this vulnerability to cause through traffic to be dropped.

CVE-2021-34781 

Cisco Firepower Threat Defense Software is vulnerable to a denial of service, caused by a lack of proper error handling when an SSH session fails to be established. By sending a high rate of crafted SSH connections to the instance, a remote attacker could exploit this vulnerability to cause resource exhaustion.

CVE-2021-34762 

Cisco Firepower Management Center Software could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request to the web-based management interface to modify arbitrary files on the system.

Impact

  • Cross-Site Scripting
  • Command Execution
  • Denial of Service
  • Information Theft

Affected Vendors

Cisco

Affected Products

  • Cisco Adaptive Security Appliance Software
  • Cisco Firepower Threat Defense Software
  • Cisco Firepower Threat Defense (FTD) Software
  • Cisco Firepower Management Center

Remediation

Refer to the relevant Cisco Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2021-1444

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-webui-gQLSFyPM

CVE-2021-34752

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8

CVE-2021-34755

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8

CVE-2021-34756

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8

CVE-2021-40116

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM

CVE-2021-34781

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r

CVE-2021-34762

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk