March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Nanocore Rat – Active IOCs
July 7, 2021Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
July 7, 2021Rewterz Threat Alert – Nanocore Rat – Active IOCs
July 7, 2021Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
July 7, 2021
Severity
High
Analysis Summary
CVE-2021-3449
OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signature_algorithms processing. By sending a specially crafted renegotiation ClientHello message from a client, a remote attacker could exploit this vulnerability to cause the TLS server to crash.
CVE-2021-3450
OpenSSL could allow a remote attacker to bypass security restrictions, caused by a missing check in the validation logic of X.509 certificate chains by the X509_V_FLAG_X509_STRICT flag. By using any valid certificate or certificate chain to sign a specially crafted certificate, an attacker could bypass the check that non-CA certificates must not be able to issue other certificates and override the default purpose.
The exploitation of these vulnerabilities could allow an attacker to use a valid non-certificate authority (CA) certificate to act as a CA and sign a certificate for an arbitrary organization, user or device, or to cause a denial of service (DoS) condition.
Impact
- Denial of Service
- Bypass Security
Affected Vendors
Cisco
Affected Products
- Cisco Webex Meetings Server
- Cisco Meraki MS390
- Cisco Firepower 9300 Security Appliances
- Cisco Firepower 4100 Series Appliance
- Cisco Nexus 3000 Series Switches (NX-OS 10.1)
- Cisco Small Business RV Series RV320 Dual Gigabit WAN VPN Route
- Cisco UCS Standalone C-Series Rack Server – Integrated Management Controller
- Cisco Security Manager
Remediation
Refer to Cisco Security Advisory for the patch, upgrade, or suggested workaround information.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd