cisco firepower-threat-defense CVE-2021-1495 vulnerability in Cisco Products
Published on April 29, 2021

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.

Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2021-1495 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
NONE
Integrity Impact:
LOW
Availability Impact:
NONE

Products Associated with CVE-2021-1495

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-1495 are published in these products:

Cisco Firepower Threat Defense
 
Cisco Firepower Threat Defense Software
 

Affected Versions

Cisco Firepower Threat Defense Software Version n/a is affected by CVE-2021-1495

Exploit Probability

EPSS
0.24%
Percentile
46.13%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.