Vulnerability in Cisco Adaptive_security_appliance_software
CVE-2021-1422
A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man…
EPSS: 0.012 (64.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H.
Affected products
- Cisco Adaptive_security_appliance_software — versions 9.16.1
- Cisco Adaptive_security_virtual_appliance
- Cisco Adaptive Security Appliance (Asa) Software — versions n/a
- Cisco Firepower_2100
- Cisco Firepower_2110
- Cisco Firepower_2120
- Cisco Firepower_2130
- Cisco Firepower_2140
- Cisco Firepower_threat_defense — versions 7.0.0.0
- Cisco Ftd_virtual
Weakness classification (CWE)
References
- psirt@cisco.com (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-1422?
- CVE-2021-1422 is a high-severity vulnerability in Cisco Adaptive_security_appliance_software, classified under Reachable Assertion. CVSS score: 7.7/10. Published 2021-07-16.
- How severe is CVE-2021-1422?
- High severity. CVSS v3 base score is 7.7 out of 10.