CVE-2021-1224

Summary

CVE	CVE-2021-1224
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-01-13 22:15:00 UTC
Updated	2023-11-07 03:27:00 UTC
Description	Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Cisco	1100-4p Integrated Services Router	-	All	All	All
Hardware	Cisco	1100-8p Integrated Services Router	-	All	All	All
Hardware	Cisco	1101-4p Integrated Services Router	-	All	All	All
Hardware	Cisco	1109-2p Integrated Services Router	-	All	All	All
Hardware	Cisco	1109-4p Integrated Services Router	-	All	All	All
Hardware	Cisco	1111x-8p Integrated Services Router	-	All	All	All
Hardware	Cisco	4221 Integrated Services Router	-	All	All	All
Hardware	Cisco	4321 Integrated Services Router	-	All	All	All
Hardware	Cisco	4331 Integrated Services Router	-	All	All	All
Hardware	Cisco	4351 Integrated Services Router	-	All	All	All
Hardware	Cisco	4431 Integrated Services Router	-	All	All	All
Hardware	Cisco	4451-x Integrated Services Router	-	All	All	All
Hardware	Cisco	4461 Integrated Services Router	-	All	All	All
Hardware	Cisco	Csr 1000v	-	All	All	All
Hardware	Cisco	Csr 1000v	-	All	All	All
Hardware	Cisco	Csr 1000v	-	All	All	All
Application	Cisco	Firepower Management Center	2.9.14.0	All	All	All
Application	Cisco	Firepower Management Center	2.9.15	All	All	All
Application	Cisco	Firepower Management Center	2.9.16	All	All	All
Application	Cisco	Firepower Management Center	2.9.17	All	All	All
Application	Cisco	Firepower Management Center	2.9.18	All	All	All
Application	Cisco	Firepower Management Center	3.0.1	All	All	All
Application	Cisco	Firepower Management Center	2.9.14.0	All	All	All
Application	Cisco	Firepower Management Center	2.9.15	All	All	All
Application	Cisco	Firepower Management Center	2.9.16	All	All	All
Application	Cisco	Firepower Management Center	2.9.17	All	All	All
Application	Cisco	Firepower Management Center	2.9.18	All	All	All
Application	Cisco	Firepower Management Center	3.0.1	All	All	All
Application	Cisco	Firepower Threat Defense	All	All	All	All
Application	Cisco	Firepower Threat Defense	All	All	All	All
Operating System	Cisco	Ios Xe	All	All	All	All
Operating System	Cisco	Ios Xe	All	All	All	All
Hardware	Cisco	Isa 3000	-	All	All	All
Hardware	Cisco	Isa 3000	-	All	All	All
Hardware	Cisco	Isa 3000	-	All	All	All
Hardware	Cisco	Isr 1100-4p	-	All	All	All
Hardware	Cisco	Isr 1100-4p	-	All	All	All
Hardware	Cisco	Isr 1100-4p	-	All	All	All
Hardware	Cisco	Isr 1100-8p	-	All	All	All
Hardware	Cisco	Isr 1100-8p	-	All	All	All
Hardware	Cisco	Isr 1100-8p	-	All	All	All
Hardware	Cisco	Isr 1101-4p	-	All	All	All
Hardware	Cisco	Isr 1101-4p	-	All	All	All
Hardware	Cisco	Isr 1101-4p	-	All	All	All
Hardware	Cisco	Isr 1109-2p	-	All	All	All
Hardware	Cisco	Isr 1109-2p	-	All	All	All
Hardware	Cisco	Isr 1109-2p	-	All	All	All
Hardware	Cisco	Isr 1109-4p	-	All	All	All
Hardware	Cisco	Isr 1109-4p	-	All	All	All
Hardware	Cisco	Isr 1109-4p	-	All	All	All
Hardware	Cisco	Isr 1111x-8p	-	All	All	All
Hardware	Cisco	Isr 1111x-8p	-	All	All	All
Hardware	Cisco	Isr 1111x-8p	-	All	All	All
Hardware	Cisco	Isr 4221	-	All	All	All
Hardware	Cisco	Isr 4221	-	All	All	All
Hardware	Cisco	Isr 4221	-	All	All	All
Hardware	Cisco	Isr 4321	-	All	All	All
Hardware	Cisco	Isr 4321	-	All	All	All
Hardware	Cisco	Isr 4321	-	All	All	All
Hardware	Cisco	Isr 4331	-	All	All	All
Hardware	Cisco	Isr 4331	-	All	All	All
Hardware	Cisco	Isr 4331	-	All	All	All
Hardware	Cisco	Isr 4351	-	All	All	All
Hardware	Cisco	Isr 4351	-	All	All	All
Hardware	Cisco	Isr 4351	-	All	All	All
Hardware	Cisco	Isr 4431	-	All	All	All
Hardware	Cisco	Isr 4431	-	All	All	All
Hardware	Cisco	Isr 4431	-	All	All	All
Hardware	Cisco	Isr 4451-x	-	All	All	All
Hardware	Cisco	Isr 4451-x	-	All	All	All
Hardware	Cisco	Isr 4451-x	-	All	All	All
Hardware	Cisco	Isr 4461	-	All	All	All
Hardware	Cisco	Isr 4461	-	All	All	All
Hardware	Cisco	Isr 4461	-	All	All	All
Hardware	Cisco	Meraki Mx100	-	All	All	All
Hardware	Cisco	Meraki Mx100	-	All	All	All
Hardware	Cisco	Meraki Mx100	-	All	All	All
Operating System	Cisco	Meraki Mx100 Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx100 Firmware	-	All	All	All
Hardware	Cisco	Meraki Mx250	-	All	All	All
Hardware	Cisco	Meraki Mx250	-	All	All	All
Hardware	Cisco	Meraki Mx250	-	All	All	All
Operating System	Cisco	Meraki Mx250 Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx250 Firmware	-	All	All	All
Hardware	Cisco	Meraki Mx450	-	All	All	All
Hardware	Cisco	Meraki Mx450	-	All	All	All
Hardware	Cisco	Meraki Mx450	-	All	All	All
Operating System	Cisco	Meraki Mx450 Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx450 Firmware	-	All	All	All
Hardware	Cisco	Meraki Mx64	-	All	All	All
Hardware	Cisco	Meraki Mx64	-	All	All	All
Hardware	Cisco	Meraki Mx64	-	All	All	All
Hardware	Cisco	Meraki Mx64w	-	All	All	All
Hardware	Cisco	Meraki Mx64w	-	All	All	All
Hardware	Cisco	Meraki Mx64w	-	All	All	All
Operating System	Cisco	Meraki Mx64w Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx64w Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx64 Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx64 Firmware	-	All	All	All
Hardware	Cisco	Meraki Mx67	-	All	All	All
Hardware	Cisco	Meraki Mx67	-	All	All	All
Hardware	Cisco	Meraki Mx67	-	All	All	All
Hardware	Cisco	Meraki Mx67c	-	All	All	All
Hardware	Cisco	Meraki Mx67c	-	All	All	All
Hardware	Cisco	Meraki Mx67c	-	All	All	All
Operating System	Cisco	Meraki Mx67c Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx67c Firmware	-	All	All	All
Hardware	Cisco	Meraki Mx67w	-	All	All	All
Hardware	Cisco	Meraki Mx67w	-	All	All	All
Hardware	Cisco	Meraki Mx67w	-	All	All	All
Operating System	Cisco	Meraki Mx67w Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx67w Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx67 Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx67 Firmware	-	All	All	All
Hardware	Cisco	Meraki Mx68	-	All	All	All
Hardware	Cisco	Meraki Mx68	-	All	All	All
Hardware	Cisco	Meraki Mx68	-	All	All	All
Hardware	Cisco	Meraki Mx68cw	-	All	All	All
Hardware	Cisco	Meraki Mx68cw	-	All	All	All
Hardware	Cisco	Meraki Mx68cw	-	All	All	All
Operating System	Cisco	Meraki Mx68cw Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx68cw Firmware	-	All	All	All
Hardware	Cisco	Meraki Mx68w	-	All	All	All
Hardware	Cisco	Meraki Mx68w	-	All	All	All
Hardware	Cisco	Meraki Mx68w	-	All	All	All
Operating System	Cisco	Meraki Mx68w Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx68w Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx68 Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx68 Firmware	-	All	All	All
Hardware	Cisco	Meraki Mx84	-	All	All	All
Hardware	Cisco	Meraki Mx84	-	All	All	All
Hardware	Cisco	Meraki Mx84	-	All	All	All
Operating System	Cisco	Meraki Mx84 Firmware	-	All	All	All
Operating System	Cisco	Meraki Mx84 Firmware	-	All	All	All
Application	Snort	Snort	All	All	All	All
Application	Snort	Snort	All	All	All	All

References

Reference	Source	Link	Tags
Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability	CISCO	tools.cisco.com	Vendor Advisory
Debian -- Security Information -- DSA-5354-1 snort	DEBIAN	www.debian.org
[SECURITY] [DLA 3317-1] snort security update	MLIST	lists.debian.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

181554 Debian Security Update for snort (DLA 3317-1)
181678 Debian Security Update for snort (DSA 5354-1)