VDB

CVE-2021-1445

CVE-2021-1445 PUBLISHED CVSS 8.600000381469727 HIGH

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to lack of proper input validation of the HTTPS request. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.

EPSS 0.31% · 54.7th percentile

Risk Scores

CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS Score
0.31%
54.7th percentile

Affected Products

VendorProductVersions
ciscofirepower_threat_defense6.5.0, 6.7.0
ciscoadaptive_security_appliance_software9.13, 9.14, 9.15
CiscoCisco Adaptive Security Appliance (ASA) Softwaren/a

Exploit Intelligence

Timeline

  • Apr 29, 2021 CVE Published
  • Apr 30, 2021 EPSS Score
  • Jul 3, 2021 EPSS Score
  • Sep 3, 2021 EPSS Score
  • Nov 5, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Mar 9, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 10, 2022 EPSS Score
  • Jul 11, 2022 EPSS Score
  • Sep 12, 2022 EPSS Score
  • Nov 14, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›