
====================================================================

                             CERT-Renater

                 Information Note No. 2021/VULN250
_____________________________________________________________________

DATE                : 29/04/2021

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Cisco ASA Software versions prior to 9.8.4.35,
                     9.9.2.85, 9.12.4.18, 9.13.1.21, 9.14.2.13, 9.15.1.15,
                     Cisco FTD Software versions prior to 6.4.0.12 (May 2021),
                     6.6.4, 6.7.0.2.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco PSIRT
on 2021-April-28.

The following PSIRT security advisories (5 High) were published at 16:00
UTC today.

Table of Contents:

1) Cisco Adaptive Security Appliance Software and Cisco Firepower Threat
Defense Software SIP Denial of Service Vulnerability - SIR: High

2) Cisco Adaptive Security Appliance Software and Firepower Threat
Defense Software Web Services Buffer Overflow Denial of Service
Vulnerability - SIR: High

3) Cisco Adaptive Security Appliance Software and Firepower Threat
Defense Software Web Services VPN Denial of Service Vulnerabilities -
SIR: High

4) Cisco Firepower Threat Defense Software Command Injection
Vulnerability - SIR: High

5) Cisco Firepower Threat Defense Software SSL Decryption Policy Denial
of Service Vulnerability - SIR: High

+--------------------------------------------------------------------

1) Cisco Adaptive Security Appliance Software and Cisco Firepower Threat
Defense Software SIP Denial of Service Vulnerability

CVE-2021-1501

SIR: High

CVSS Score v(3.1): 8.6

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC

+--------------------------------------------------------------------

2) Cisco Adaptive Security Appliance Software and Firepower Threat
Defense Software Web Services Buffer Overflow Denial of Service
Vulnerability

CVE-2021-1493

SIR: High

CVSS Score v(3.1): 8.5

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG

+--------------------------------------------------------------------

3) Cisco Adaptive Security Appliance Software and Firepower Threat
Defense Software Web Services VPN Denial of Service Vulnerabilities

CVE-2021-1445, CVE-2021-1504

SIR: High

CVSS Score v(3.1): 8.6

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpn-dos-fpBcpEcD

+--------------------------------------------------------------------

4) Cisco Firepower Threat Defense Software Command Injection Vulnerability

CVE-2021-1448

SIR: High

CVSS Score v(3.0): 7.8

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT

+--------------------------------------------------------------------

5) Cisco Firepower Threat Defense Software SSL Decryption Policy Denial
of Service Vulnerability

CVE-2021-1402

SIR: High

CVSS Score v(3.0): 8.6

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c


=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================



