CVE-2021-40117

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Reference Links(if available):

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9
  • CVSS Score (if available)

    v2: / HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C

    v3: / HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    Links to Exploits(if available)

  • Available for Amazon Prime