{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T04:43:17.803","vulnerabilities":[{"cve":{"id":"CVE-2021-1402","sourceIdentifier":"psirt@cisco.com","published":"2021-04-29T18:15:08.923","lastModified":"2024-11-21T05:44:16.410","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload."},{"lang":"es","value":"Una vulnerabilidad en el controlador de mensajes SSL/TLS basado en software del software Cisco Firepower Threat Defense (FTD) podría permitir a un atacante remoto no autenticado activar una recarga de un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una comprobación insuficiente de los mensajes SSL/TLS cuando el dispositivo lleva a cabo el descifrado SSL basado en software. Un atacante podría explotar esta vulnerabilidad mediante el envío de un mensaje SSL/TLS diseñado por medio de un dispositivo afectado. Los mensajes SSL/TLS enviados a un dispositivo afectado no desencadenan esta vulnerabilidad. Una explotación con éxito podría permitir al atacante causar el bloqueo de un proceso. Este bloqueo podría entonces desencadenar una recarga del dispositivo. No es necesaria una intervención manual para recuperar el dispositivo después de la recarga"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3.0","versionEndExcluding":"6.4.0","matchCriteriaId":"0B60D48C-19D8-4015-8D25-D3C0165C6080"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.0","versionEndExcluding":"6.6.0","matchCriteriaId":"B5432C87-A9AF-4CC8-8573-443562963519"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense_virtual:-:*:*:*:*:*:*:*","matchCriteriaId":"A38E373E-438F-44F6-AABF-2C57142507EE"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*","matchCriteriaId":"08F0F160-DAD2-48D4-B7B2-4818B2526F35"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*","matchCriteriaId":"977D597B-F6DE-4438-AB02-06BE64D71EBE"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*","matchCriteriaId":"EB71EB29-0115-4307-A9F7-262394FD9FB0"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*","matchCriteriaId":"57179F60-E330-4FF0-9664-B1E4637FF210"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*","matchCriteriaId":"5535C936-391B-4619-AA03-B35265FC15D7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*","matchCriteriaId":"7FFE3880-4B85-4E23-9836-70875D5109F7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*","matchCriteriaId":"727A02E8-40A1-4DFE-A3A2-91D628D3044F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*","matchCriteriaId":"19F6546E-28F4-40DC-97D6-E0E023FE939B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*","matchCriteriaId":"EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*","matchCriteriaId":"52D96810-5F79-4A83-B8CA-D015790FCF72"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*","matchCriteriaId":"16FE2945-4975-4003-AE48-7E134E167A7F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*","matchCriteriaId":"DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*","matchCriteriaId":"976901BF-C52C-4F81-956A-711AF8A60140"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*","matchCriteriaId":"9510E97A-FD78-43C6-85BC-223001ACA264"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}