CVE-2021-34754 : Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower T

Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.

Published 2021-10-27 19:15:08

Updated 2021-10-28 16:13:25

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Exploit prediction scoring system (EPSS) score for CVE-2021-34754

Probability of exploitation activity in the next 30 days: 0.12%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 46 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2021-34754

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
5.8	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N	3.9	1.4	Cisco Systems, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: None Integrity: Low Availability: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: None

CWE ids for CVE-2021-34754

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Assigned by: ykramarz@cisco.com (Secondary)

References for CVE-2021-34754

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP

Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities
Vendor Advisory

Products affected by CVE-2021-34754

Cisco » Firepower Management Center » Version: 2.9.12
cpe:2.3:a:cisco:firepower_management_center:2.9.12:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Management Center » Version: 2.9.16
cpe:2.3:a:cisco:firepower_management_center:2.9.16:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Management Center » Version: 2.9.14.0
cpe:2.3:a:cisco:firepower_management_center:2.9.14.0:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Management Center » Version: 2.9.17
cpe:2.3:a:cisco:firepower_management_center:2.9.17:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Management Center » Version: 2.9.18
cpe:2.3:a:cisco:firepower_management_center:2.9.18:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Threat Defense
Versions from including (>=) 6.4.0 and before (<) 6.4.0.13
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Threat Defense
Versions from including (>=) 7.0.0 and before (<) 7.0.1
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Threat Defense
Versions from including (>=) 6.7.0 and before (<) 6.7.0.3
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Threat Defense
Versions from including (>=) 6.6.0 and before (<) 6.6.5.1
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2021-34754

Exploit prediction scoring system (EPSS) score for CVE-2021-34754

CVSS scores for CVE-2021-34754

CWE ids for CVE-2021-34754

References for CVE-2021-34754

Products affected by CVE-2021-34754