CVE-2021-34754
MEDIUMCisco Firepower Threat Defense - Unauthenticated Access Control Bypass via ENIP Packet Inspection
Title source: llmDescription
Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should be activated for the ENIP packet.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP
Scores
CVSS v3
5.8
EPSS
0.0012
EPSS Percentile
30.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (6)
cisco/firepower_threat_defense
6.4.0 - 6.4.0.13
cisco/secure_firewall_management_center
2.9.12
cisco/secure_firewall_management_center
2.9.14.0
cisco/secure_firewall_management_center
2.9.16
cisco/secure_firewall_management_center
2.9.17
cisco/secure_firewall_management_center
2.9.18
Published
Oct 27, 2021
Tracked Since
Feb 18, 2026