How severe is CVE-2021-1625?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2021-1625?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2021-1625

MEDIUM Year: 2021

CVSS v3 Score

5.8

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

A vulnerability in the Zone-Based Policy Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent the Zone-Based Policy Firewall from correctly classifying traffic. This vulnerability exists because ICMP and UDP responder-to-initiator flows are not inspected when the Zone-Based Policy Firewall has either Unified Threat Defense (UTD) or Application Quality of Experience (AppQoE) configured. An attacker could exploit this vulnerability by attempting to send UDP or ICMP flows through the network. A successful exploit could allow the attacker to inject traffic through the Zone-Based Policy Firewall, resulting in traffic being dropped because it is incorrectly classified or in incorrect reporting figures being produced by high-speed logging (HSL).

CVE-2018-11456

MEDIUM

CVSS:5.8(Medium)

A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). An attacker with network access to the device could send specially crafted network packets to determine wh...

CWE-2842018

CVE-2019-12627

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensiti...

CWE-2842019

CVE-2019-1686

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass prot...

CWE-2842019

CVE-2020-3312

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive d...

CWE-2842020

CVE-2020-3448

MEDIUM

CVSS:5.8(Medium)

A vulnerability in an access control mechanism of Cisco Cyber Vision Center Software could allow an unauthenticated, remote attacker to bypass authentication and access internal services that are runn...

CWE-2842020

CVE-2020-3564

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to by...

CWE-2842020

CVE-2021-1625

Vulnerability Description

Related Vulnerabilities

CVE-2018-11456

CVE-2019-12627

CVE-2019-1686

CVE-2020-3312

CVE-2020-3448

CVE-2020-3564