This security bulletin contains one medium-risk vulnerability.
1) Improper Enforcement of Message Integrity During Transmission in a Communication Channel
EUVDB-ID: #VU57753
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-34793
CWE-ID: CWE-924 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in the TCP Normalizer when handling certain TCP segments. A remote attacker can send a specially crafted TCP segment through an affected device and poison MAC address tables.
Successful exploitation of the vulnerability may allow an attacker to perform a denial of service attack, but it requires the affected device to be operating in transparent mode.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Cisco Adaptive Security Appliance (ASA) Software: 9.7, 9.8, 9.8.4.3, 9.8.4.7, 9.8.4.10, 9.8.4.12, 9.8.4.15, 9.8.4.17, 9.8.4.20, 9.8.4.22, 9.8.4.25, 9.8.4.26, 9.8.4.29, 9.8.4.35, 9.9, 9.9.2.52, 9.9.2.66, 9.9.2.67, 9.9.2.74, 9.9.2.80, 9.9.2.85, 9.10, 9.10.1.22, 9.10.1.27, 9.10.1.30, 9.10.1.37, 9.10.1.39, 9.10.1.42, 9.10.1.43, 9.10.1.44, 9.12, 9.12.2, 9.12.2.1, 9.12.2.9, 9.12.3, 9.12.3.2, 9.12.3.7, 9.12.3.9, 9.12.3.12, 9.12.4.2, 9.12.4.3, 9.12.4.4, 9.12.4.13, 9.12.4.18, 9.13, 9.13.1.2, 9.13.1.7, 9.13.1.10, 9.13.1.12, 9.13.1.13, 9.13.1.21, 9.14, 9.14.1.10, 9.14.1.15, 9.14.1.19, 9.14.1.30, 9.14.2.8, 9.14.2.13, 9.15.1.7, 9.15.1.10
ASA 5500-X Series Firewalls: All versions
Cisco Firepower Threat Defense (FTD): 6.2.0, 6.2.1, 6.2.2, 6.2.2.1, 6.2.3, 6.2.3.4, 6.2.3.12, 6.2.3.13, 6.2.3.15, 6.2.3.16, 6.3.0, 6.3.0.2, 6.3.0.4, 6.3.0.5, 6.3.0.6, 6.4.0, 6.4.0.2, 6.4.0.3, 6.4.0.4, 6.4.0.6, 6.4.0.7, 6.4.0.8, 6.4.0.10, 6.4.0.12, 6.5.0, 6.5.0.2, 6.5.0.3, 6.5.0.4, 6.5.0.5, 6.6.0, 6.6.0.1, 6.6.1, 6.6.4, 6.7.0
External links
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx46296
http://tools.cisco.com/security/center/content/ ..