

Severity
Medium
Analysis Summary
CVE-2021-1444
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software are vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote attacker could exploit this vulnerability to execute script in a victim’s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2021-34752
Cisco Firepower Threat Defense Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user-supplied command arguments in the CLI. By submitting specially crafted input to the affected commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2021-34755
Cisco Firepower Threat Defense Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user-supplied command arguments in the CLI. By submitting specially crafted input to the affected commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2021-34756
Cisco Firepower Threat Defense Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user-supplied command arguments in the CLI. By submitting crafted input to the affected commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2021-40116
Cisco Firepower Threat Defense (FTD) Software is vulnerable to a denial of service, caused by improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. By sending a specially crafted IP packet, a remote attacker could exploit this vulnerability to cause through traffic to be dropped.
CVE-2021-34781
Cisco Firepower Threat Defense Software is vulnerable to a denial of service, caused by a lack of proper error handling when an SSH session fails to be established. By sending a high rate of crafted SSH connections to the instance, a remote attacker could exploit this vulnerability to cause resource exhaustion.
CVE-2021-34762
Cisco Firepower Management Center Software could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request to the web-based management interface to modify arbitrary files on the system.
Impact
- Cross-Site Scripting
- Command Execution
- Denial of Service
- Information Theft
Affected Vendors
Cisco
Affected Products
- Cisco Adaptive Security Appliance Software
- Cisco Firepower Threat Defense Software
- Cisco Firepower Threat Defense (FTD) Software
- Cisco Firepower Management Center
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.
CVE-2021-1444
CVE-2021-34752
CVE-2021-34755
CVE-2021-34756
CVE-2021-40116
CVE-2021-34781
CVE-2021-34762