CVE-2021-34792
HIGHCisco ASA and FTD - Unauthenticated Denial of Service via High Connection Rate
Title source: llmDescription
A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY
Scores
CVSS v3
8.6
EPSS
0.0043
EPSS Percentile
62.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-401
CWE-400
Status
published
Products (34)
cisco/adaptive_security_appliance_software
9.8.0 - 9.8.4.40
cisco/asa_5505_firmware
009.014\(001.150\)
cisco/asa_5505_firmware
099.017\(001.211\)
cisco/asa_5505_firmware
099.017\(001.220\)
cisco/asa_5505_firmware
099.017\(015.050\)
cisco/asa_5512-x_firmware
009.014\(001.150\)
cisco/asa_5512-x_firmware
099.017\(001.211\)
cisco/asa_5512-x_firmware
099.017\(001.220\)
cisco/asa_5512-x_firmware
099.017\(015.050\)
cisco/asa_5515-x_firmware
009.014\(001.150\)
... and 24 more
Published
Oct 27, 2021
Tracked Since
Feb 18, 2026