How severe is CVE-2021-1236?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4 out of 10.

What type of vulnerability is CVE-2021-1236?

This is classified as CWE-670, which is a common weakness in software security.

CVE-2021-1236 - MEDIUM Severity | CVSS 4

Vulnerability Description

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.

Related Vulnerabilities

CVE-2025-32996

MEDIUM

CVSS:4.0(Medium)

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used.

CWE-6702025

CVE-2021-3011

MEDIUM

CVSS:4.2(Medium)

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attacker...

CWE-6702021

CVE-2020-26506

MEDIUM

CVSS:4.3(Medium)

An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. The accessed f...

CWE-6702020

CVE-2020-3885

MEDIUM

CVSS:4.3(Medium)

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windo...

CWE-6702020

CVE-2024-25622

MEDIUM

CVSS:4.3(Medium)

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The conf...

CWE-6702024

CVE-2024-45298

MEDIUM

CVSS:4.3(Medium)

Wiki.js is an open source wiki app built on Node.js. A disabled user can still gain access to a wiki by abusing the password reset function. While setting up SMTP e-mail's on my server, I tested said ...

CWE-6702024