cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-1285,https://securityvulnerability.io/vulnerability/CVE-2021-1285,Cisco Snort Vulnerability Could Lead to Denial of Service Condition,"A vulnerability exists in the Ethernet Frame Decoder of the Cisco Snort Detection Engine that may permit an unauthenticated, adjacent attacker to create a denial of service condition. This vulnerability arises from inadequate management of error situations while processing Ethernet frames. By sending crafted malicious Ethernet frames to an affected device, an adversary can potentially deplete disk space on that device. This depletion can result in restrictions on administrator login access and might impede the device's boot process, necessitating manual recovery efforts. To recover from such an incident, affected users are encouraged to seek assistance from the Cisco Technical Assistance Center (TAC). Cisco has made software updates available to rectify this vulnerability, as no workarounds are effective.",Cisco,Cisco Utd Snort Ips Engine Software,7.4,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-18T15:41:50.263Z,0
CVE-2021-1494,https://securityvulnerability.io/vulnerability/CVE-2021-1494,Cisco Snort Vulnerability Allows Bypass of Configured File Policy for HTTP,"A vulnerability exists within the Cisco Snort detection engine that compromises the security of HTTP file policies. This issue is attributed to the improper handling of specific HTTP header parameters, enabling an unauthenticated remote attacker to bypass established file policies. An attacker can exploit this vulnerability by sending specially crafted HTTP packets to an affected device, potentially leading to the delivery of a malicious payload. Organizations utilizing Cisco's Snort engine should take immediate measures to apply available patches and review configurations to mitigate this risk.",Cisco,"Cisco Firepower Threat Defense Software,Cisco Utd Snort Ips Engine Software",5.8,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-11-15T16:21:36.666Z,0
CVE-2022-20685,https://securityvulnerability.io/vulnerability/CVE-2022-20685,Cisco Snort Detection Engine Vulnerability Could Lead to DoS Conditions,"A vulnerability exists within the Modbus preprocessor of the Snort detection engine which could enable an unauthenticated remote attacker to exploit the device, resulting in a denial of service condition. The root cause lies in an integer overflow that occurs when the system processes Modbus traffic. By sending specially crafted Modbus messages, an attacker can induce the Snort process to become unresponsive, leading to a halt in traffic inspection. Cisco has issued software updates addressing this vulnerability, with no applicable workarounds available.",Cisco,"Cisco Cyber Vision,Cisco Firepower Threat Defense Software,Cisco Utd Snort Ips Engine Software",7.5,HIGH,0.0004299999854993075,false,,false,false,true,2025-01-27T18:15:04.000Z,,false,false,,2024-11-15T15:36:31.261Z,0
CVE-2023-20071,https://securityvulnerability.io/vulnerability/CVE-2023-20071,Vulnerability in Snort Detection Engine Affects Cisco Products,"A vulnerability exists within the FTP module of Cisco's Snort detection engine, which enables unauthenticated, remote attackers to potentially bypass established security policies on affected systems. By sending specifically crafted FTP traffic, attackers can exploit this flaw to evade FTP inspections and potentially deliver malicious payloads. This poses a significant risk to network integrity, allowing unauthorized access and potentially harmful activities.",Cisco,"Cisco Firepower Threat Defense Software,Cisco Umbrella Insights Virtual Appliance,Cisco Cyber Vision,Cisco UTD SNORT IPS Engine Software",5.8,MEDIUM,0.0009500000160187483,false,,false,false,false,,,false,false,,2023-11-01T18:15:00.000Z,0