VDB
CVE-2021-1494
CVE-2021-1494
PUBLISHED
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.
EPSS 0.23% · 45.8th percentile
Risk Scores
EPSS Score
0.23%
45.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | snort | 2.9.7.0-5, 2.9.7.0-5build1, 0 |
| Ubuntu:22.04:LTS | snort | 2.9.15.1-5, 2.9.15.1-6build1, 2.9.15.1-6 |
| Ubuntu:14.04:LTS | snort | 2.9.2.2-3, 2.9.6.0-0ubuntu1, 2.9.5.3-3 |
| Ubuntu:16.04:LTS | snort | 0, 2.9.7.0-5 |
| Ubuntu:20.04:LTS | snort | 0, 2.9.7.0-5build1 |
| Ubuntu:24.04:LTS | snort | 2.9.15.1-6build1, 2.9.20-0+deb11u1ubuntu1, 0 |
Exploit Intelligence
- cisco-sa-http-fp-bp-KfDdcQhc (circl)
Timeline
- Nov 15, 2024 CVE Published
- Nov 15, 2024 CVE Updated
- Nov 16, 2024 EPSS Score
- Dec 5, 2024 EPSS Score
- Dec 22, 2024 EPSS Score
- Jan 9, 2025 EPSS Score
- Jan 26, 2025 EPSS Score
- Feb 13, 2025 EPSS Score
- Mar 3, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Apr 7, 2025 EPSS Score
- Apr 24, 2025 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-1494 third-party-advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-1494 third-party-advisory