CVE-2021-40114
6.8 MEDIUM
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an ...
Published: 2021-10-27 · Last updated: 2026-06-17
Severity and scoring
- CVSS: 6.8 MEDIUM
- Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
- CWE: CWE-401, CWE-770
Affected products
| Vendor | Product |
|---|---|
| cisco | firepower_threat_defense, secure_firewall_management_center, snort |
| snort | firepower_threat_defense, secure_firewall_management_center, snort |
Description
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.
Source: NVD
References
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-40114
- Other: https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
- Vendor advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU
- Other: https://www.debian.org/security/2023/dsa-5354
Related CVEs
Same vendor
- CVE-2026-20262 — A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to... (6.5 MEDIUM)
- CVE-2026-20245 — A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vM... (7.8 HIGH)
- CVE-2026-20233 — A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct... (6.1 MEDIUM)
- CVE-2026-20182 — May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the wa... (10.0 CRITICAL)
- CVE-2026-5944 — An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central (8.2 HIGH)
Same CWE
- CVE-2026-0646 — A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests
- CVE-2026-48854 — Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BE...
- CVE-2026-48853 — Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unau...
- CVE-2026-8683 — Mattermost Desktop App versions <=6.1 5.5.13.0 fail to account for attempting to open extremely long URLs in the Mattermost Desktop App w... (6.5 MEDIUM)
- CVE-2026-53522 — Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (6.5 MEDIUM)