First published: Thu Apr 29 2021(Updated: )
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Firepower Threat Defense | >=6.3.0<6.4.0 | |
Cisco Firepower Threat Defense | >=6.5.0<6.6.0 | |
Cisco Firepower Threat Defense Virtual | ||
Cisco Asa 5512-x | ||
Cisco Asa 5515-x | ||
Cisco Asa 5525-x | ||
Cisco Asa 5545-x | ||
Cisco Asa 5555-x | ||
Cisco Firepower 1010 | ||
Cisco Firepower 1120 | ||
Cisco Firepower 1140 | ||
Cisco Firepower 1150 | ||
Cisco Firepower 2110 | ||
Cisco Firepower 2120 | ||
Cisco Firepower 2130 | ||
Cisco Firepower 2140 | ||
Cisco Isa 3000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-1402 is a vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software.
CVE-2021-1402 allows an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition.
CVE-2021-1402 has a severity rating of 8.6, which is considered high.
To fix CVE-2021-1402, update to a version of Cisco Firepower Threat Defense (FTD) Software that is not affected by the vulnerability.
You can find more information about CVE-2021-1402 on the Cisco Security Advisory page at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c.