PT-2021-4911 · Cisco · Cisco Asa+1

Published

2021-10-27

Updated

2023-08-16

CVE-2021-34792

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description The issue is related to improper resource management when connection rates are high, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. An attacker could exploit this by opening a significant number of connections on the device, potentially causing it to reload.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-401

Related Identifiers

BDU:2021-05646

CVE-2021-34792

Affected Products

Cisco Asa

Cisco Ftd

PT-2021-4911 · Cisco · Cisco Asa+1

CVE-2021-34792

Weakness Enumeration

Related Identifiers

Affected Products

References · 8