CVE-2021-40117
Summary
| CVE | CVE-2021-40117 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-10-27 19:15:00 UTC |
| Updated | 2023-11-07 03:38:00 UTC |
| Description | A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. |
Risk And Classification
Problem Types: CWE-400
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Adaptive Security Appliance | All | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | All | All | All | All |
| Hardware | Cisco | Asa 5505 | - | All | All | All |
| Operating System | Cisco | Asa 5505 Firmware | 009.009\(002.085\) | All | All | All |
| Operating System | Cisco | Asa 5505 Firmware | 009.014\(002.106\) | All | All | All |
| Hardware | Cisco | Asa 5512-x | - | All | All | All |
| Operating System | Cisco | Asa 5512-x Firmware | 009.009\(002.085\) | All | All | All |
| Operating System | Cisco | Asa 5512-x Firmware | 009.014\(002.106\) | All | All | All |
| Hardware | Cisco | Asa 5515-x | - | All | All | All |
| Operating System | Cisco | Asa 5515-x Firmware | 009.009\(002.085\) | All | All | All |
| Operating System | Cisco | Asa 5515-x Firmware | 009.014\(002.106\) | All | All | All |
| Hardware | Cisco | Asa 5525-x | - | All | All | All |
| Operating System | Cisco | Asa 5525-x Firmware | 009.009\(002.085\) | All | All | All |
| Operating System | Cisco | Asa 5525-x Firmware | 009.014\(002.106\) | All | All | All |
| Hardware | Cisco | Asa 5545-x | - | All | All | All |
| Operating System | Cisco | Asa 5545-x Firmware | 009.009\(002.085\) | All | All | All |
| Operating System | Cisco | Asa 5545-x Firmware | 009.014\(002.106\) | All | All | All |
| Hardware | Cisco | Asa 5555-x | - | All | All | All |
| Operating System | Cisco | Asa 5555-x Firmware | 009.009\(002.085\) | All | All | All |
| Operating System | Cisco | Asa 5555-x Firmware | 009.014\(002.106\) | All | All | All |
| Hardware | Cisco | Asa 5580 | - | All | All | All |
| Operating System | Cisco | Asa 5580 Firmware | 009.009\(002.085\) | All | All | All |
| Operating System | Cisco | Asa 5580 Firmware | 009.014\(002.106\) | All | All | All |
| Hardware | Cisco | Asa 5585-x | - | All | All | All |
| Operating System | Cisco | Asa 5585-x Firmware | 009.009\(002.085\) | All | All | All |
| Operating System | Cisco | Asa 5585-x Firmware | 009.014\(002.106\) | All | All | All |
| Application | Cisco | Firepower Threat Defense | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability | CISCO | tools.cisco.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 317091 Cisco Adaptive Security Appliance Software (ASA) SSL/TLS Denial of Service (DoS) Vulnerability (cisco-sa-asaftd-dos-4ygzLKU9)
- 317092 Cisco Firepower Threat Defense (FTD) Software Secure Sockets Layer/Transport Layer Security (SSL/TLS Denial of Service (DoS) Vulnerability (cisco-sa-asaftd-dos-4ygzLKU9)