CVE-2021-1402 is a vulnerability in Cisco Firepower Threat Defense Software
Published on April 29, 2021
Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload.
Weakness Type
What is a Buffer Overflow Vulnerability?
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CVE-2021-1402 has been classified to as a Buffer Overflow vulnerability or weakness.
Products Associated with CVE-2021-1402
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-1402 are published in Cisco Firepower Threat Defense Software:
Affected Versions
Cisco Firepower Threat Defense Software Version n/a is affected by CVE-2021-1402Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.