What is CVE-2021-34793?

CVE-2021-34793 is a high-severity vulnerability in Cisco Adaptive Security Appliance (Asa) Software, classified under Improper Enforcement of Message Integrity During Transmission in a Communication Channel. CVSS score: 8.6/10. Published 2021-10-27.

How severe is CVE-2021-34793?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Cisco Adaptive Security Appliance (Asa) Software

CVE-2021-34793

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address table…

EPSS: 0.001 (23.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Adaptive Security Appliance (Asa) Software — versions n/a

Weakness classification (CWE)

CWE-924 — Improper Enforcement of Message Integrity During Transmission in a Communication Channel

References

20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2021-34793?: CVE-2021-34793 is a high-severity vulnerability in Cisco Adaptive Security Appliance (Asa) Software, classified under Improper Enforcement of Message Integrity During Transmission in a Communication Channel. CVSS score: 8.6/10. Published 2021-10-27.
How severe is CVE-2021-34793?: High severity. CVSS v3 base score is 8.6 out of 10.