First published: Wed Oct 27 2021(Updated: )
A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3 This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco ASA Software | =9.15<9.15.1.7=9.14<9.14.2.4 | 9.15.1.7 9.14.2.4 |
Cisco FTD Software | =6.4.0<6.4.0.13 (Nov 2021) | 6.4.0.13 (Nov 2021) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Cisco ASA and FTD SNMP access control vulnerability is cisco-sa-asaftd-snmpaccess-M6yOweq3.
The severity level of cisco-sa-asaftd-snmpaccess-M6yOweq3 is medium.
This vulnerability affects Cisco ASA Software version 9.15 up to exclusive 9.15.1.7 and version 9.14 up to exclusive 9.14.2.4.
This vulnerability affects Cisco FTD Software version 6.4.0 up to exclusive 6.4.0.13 (Nov 2021).
No, authentication is not required to exploit the vulnerability.