VDB
CVE-2021-34790
CVE-2021-34790
PUBLISHED
CVSS 4.699999809265137 MEDIUM
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.
EPSS 0.47% · 64.8th percentile
Risk Scores
CVSS 3.1
4.699999809265137
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS Score
0.47%
64.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | asa_5525-x_firmware | 009.015, 009.008 |
| cisco | adaptive_security_appliance | 0 |
| cisco | asa_5505_firmware | 009.015, 009.008 |
| cisco | asa_5512-x_firmware | 009.015, 009.008 |
| cisco | asa_5555-x_firmware | 009.008, 009.015 |
| cisco | asa_5580_firmware | 009.008, 009.015 |
| cisco | asa_5585-x_firmware | 009.015, 009.008 |
| cisco | firepower_threat_defense | 6.5.0, 0, 6.7.0 |
| cisco | asa_5545-x_firmware | 009.008, 009.015 |
| cisco | asa_5515-x_firmware | 009.015, 009.008 |
| Cisco | Cisco Adaptive Security Appliance (ASA) Software | n/a |
| cisco | adaptive_security_appliance_software | 9.13.0, 9.12.0, 9.15.0 |
Exploit Intelligence
Timeline
- Oct 27, 2021 CVE Published
- Oct 28, 2021 EPSS Score
- Dec 23, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 17, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 14, 2022 EPSS Score
- Jun 9, 2022 EPSS Score
- Aug 5, 2022 EPSS Score
- Nov 25, 2022 EPSS Score
- Jan 20, 2023 EPSS Score
- Mar 7, 2023 EPSS Score