How severe is CVE-2021-40116?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2021-40116?

This is classified as CWE-241, which is a common weakness in software security.

CVE-2021-40116

HIGH Year: 2021

CVSS v3 Score

7.5

High

CVSS v2 Score

7.1

High

Weakness Type

CWE-241

View all →

Vulnerability Description

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.

CVE-2021-39131

HIGH

CVSS:7.5(High)

ced detects character encoding using Google’s compact_enc_det library. In ced v0.1.0, passing data types other than `Buffer` causes the Node.js process to crash. The problem has been patched in ced v1...

CWE-2412021

CVE-2022-1642

HIGH

CVSS:7.5(High)

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability ...

CWE-2412022

CVE-2022-20730

HIGH

CVSS:7.5(High)

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed....

CWE-2412022

CVE-2022-24668

HIGH

CVSS:7.5(High)

A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.1...

CWE-2412022

CVE-2022-3029

HIGH

CVSS:7.5(High)

In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files that isn’t correctly base 64 encoded is treated as a fatal error an...

CWE-2412022

CVE-2023-30591

HIGH

CVSS:7.5(High)

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via cr...

CWE-2412023

CVE-2021-40116

Vulnerability Description

Related Vulnerabilities

CVE-2021-39131

CVE-2022-1642

CVE-2022-20730

CVE-2022-24668

CVE-2022-3029

CVE-2023-30591