CVE-2021-34781
Cisco Firepower Threat Defense (FTD) vulnerability analysis and mitigation

Overview

A vulnerability (CVE-2021-34781) was discovered in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software. The vulnerability was first published on October 27, 2021, and affects devices running FTD Software Release 6.3.0 and later versions configured for multi-instance operation. This vulnerability specifically impacts Firepower 4100 Series and 9300 Series Security Appliances (Cisco Advisory).

Technical details

The vulnerability stems from a lack of proper error handling when an SSH session fails to be established. It received a CVSS Base Score of 8.6 (High) with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H. The vulnerability is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-755 (Improper Handling of Exceptional Conditions) (NVD).

Impact

Successful exploitation of this vulnerability could allow an unauthenticated, remote attacker to cause resource exhaustion, leading to a denial of service (DoS) condition on the affected device. The impact is severe enough that the device must be manually reloaded to recover from the attack (Cisco Advisory).

Mitigation and workarounds

While there are no direct workarounds available, administrators can mitigate the risk by allowing only trusted networks and hosts to have SSH access to the FTD management IP. Cisco has released software updates that address this vulnerability in versions 6.4.0.13, 6.6.5, 6.7.0.3, and 7.0.1. Users of affected versions are advised to upgrade to these fixed releases (Cisco Advisory).
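The mitigation above comes down to one control: only trusted networks and hosts may reach the FTD management IP over SSH, and the vulnerability is triggered by SSH sessions that fail to establish. The following audit script is an added example, not code from Cisco or from this report; it checks SSH connection events against a trusted-network allow-list and flags untrusted sources that repeatedly abort before authentication. The log lines, the allow-list networks and the failure threshold are constructed for illustration, and the generic sshd-style message format is an assumption, not the format FTD itself emits.

```python
"""
Audit SSH connection attempts against a trusted-network allow-list.
Added example: log format, networks and threshold are constructed assumptions.
"""
import ipaddress
import re
from collections import Counter

# Constructed allow-list: the only networks expected to reach the
# management IP over SSH (assumption for this example, not from the advisory).
TRUSTED_NETWORKS = [
    ipaddress.ip_network("10.10.0.0/24"),
    ipaddress.ip_network("192.0.2.0/28"),
]

# Constructed, generic sshd-style lines; not Cisco FTD output.
SAMPLE_LOG = """\
Oct 27 10:01:02 mgmt sshd[1201]: Accepted publickey for admin from 10.10.0.5 port 51322 ssh2
Oct 27 10:01:09 mgmt sshd[1202]: Connection closed by 198.51.100.77 port 40111 [preauth]
Oct 27 10:01:10 mgmt sshd[1203]: Connection closed by 198.51.100.77 port 40112 [preauth]
Oct 27 10:01:11 mgmt sshd[1204]: Connection reset by 198.51.100.77 port 40113 [preauth]
Oct 27 10:01:12 mgmt sshd[1205]: Connection closed by 198.51.100.77 port 40114 [preauth]
Oct 27 10:02:30 mgmt sshd[1206]: Connection closed by 192.0.2.9 port 50001 [preauth]
Oct 27 10:03:00 mgmt sshd[1207]: Accepted password for admin from 203.0.113.4 port 44000 ssh2
"""

# A session that was torn down before authentication completed.
FAILED_RE = re.compile(
    r"sshd\[\d+\]: Connection (?:closed|reset) by (?P<ip>[0-9a-fA-F.:]+) port \d+ \[preauth\]"
)
# A session that authenticated successfully.
ACCEPTED_RE = re.compile(
    r"sshd\[\d+\]: Accepted \w+ for \S+ from (?P<ip>[0-9a-fA-F.:]+) port \d+"
)


def is_trusted(ip_str, networks=TRUSTED_NETWORKS):
    """True if the address lies inside one of the allowed networks."""
    addr = ipaddress.ip_address(ip_str)
    return any(addr in net for net in networks)


def audit_ssh_log(text, networks=TRUSTED_NETWORKS, failure_threshold=3):
    """
    Walk the log and return:
      untrusted_sources: sorted list of source IPs outside the allow-list
      failed_by_source:  Counter of pre-auth connection failures per source IP
      alerts:            untrusted sources with >= failure_threshold failures
    """
    failed = Counter()
    untrusted = set()
    for line in text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            ip = m.group("ip")
            failed[ip] += 1
        else:
            m = ACCEPTED_RE.search(line)
            if not m:
                continue  # not an SSH connection event we track
            ip = m.group("ip")
        if not is_trusted(ip, networks):
            untrusted.add(ip)
    alerts = sorted(ip for ip in untrusted if failed[ip] >= failure_threshold)
    return {
        "untrusted_sources": sorted(untrusted),
        "failed_by_source": failed,
        "alerts": alerts,
    }


if __name__ == "__main__":
    report = audit_ssh_log(SAMPLE_LOG)
    print("Sources outside the allow-list:", report["untrusted_sources"])
    print("Pre-auth failures per source:", dict(report["failed_by_source"]))
    print("Alerts (untrusted + repeated failures):", report["alerts"])
```

Any source listed under untrusted_sources is evidence that the allow-list is not enforced at the device or at the network in front of it; the alerts list narrows that to sources producing the failed-session pattern the advisory describes, which is the case that warrants blocking the source and checking the device for the need to reload.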

Additional resources

Source: This report was generated using AI

Related Cisco Firepower Threat Defense (FTD) vulnerabilities:

CVE ID         | Severity | Score | Technologies                            | Component name                                          | CISA KEV exploit | Has fix | Published date
CVE-2025-20333 | CRITICAL | 9.9   | Cisco Adaptive Security Appliance (ASA) | cpe:2.3:a:cisco:firepower_threat_defense                | Yes              | Yes     | Sep 25, 2025
CVE-2025-20363 | CRITICAL | 9     | Cisco Adaptive Security Appliance (ASA) | cpe:2.3:a:cisco:firepower_threat_defense                | No               | Yes     | Sep 25, 2025
CVE-2025-20362 | HIGH     | 8.6   | Cisco Adaptive Security Appliance (ASA) | cpe:2.3:o:cisco:adaptive_security_appliance_software    | Yes              | Yes     | Sep 25, 2025
CVE-2025-20263 | HIGH     | 8.6   | Cisco Adaptive Security Appliance (ASA) | cpe:2.3:a:cisco:firepower_threat_defense                | No               | Yes     | Aug 14, 2025
CVE-2025-20268 | MEDIUM   | 5.8   | Cisco Firepower Threat Defense (FTD)    | cpe:2.3:a:cisco:firepower_threat_defense                | No               | Yes     | Aug 14, 2025
