Lucene search

[email protected]CVE-2021-1131

HistoryJan 13, 2021 - 10:15 p.m.

CVE-2021-1131

2021-01-1322:15:14

CWE-119

[email protected]

web.nvd.nist.gov

cve-2021-1131

cisco

video surveillance

ip cameras

dos

vulnerability

cisco discovery protocol

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.1%

JSON

A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. The vulnerability is due to missing checks when Cisco Discovery Protocol messages are processed. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected IP camera. A successful exploit could allow the attacker to cause the affected IP camera to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Affected configurations

NVD

Node

ciscovideo_surveillance_8000p_ip_camera_firmwareRange<1.0.9-8

AND

ciscovideo_surveillance_8000p_ip_cameraMatch-

Node

ciscovideo_surveillance_8020_ip_camera_firmwareRange<1.0.9-8

AND

ciscovideo_surveillance_8020_ip_cameraMatch-

Node

ciscovideo_surveillance_8030_ip_camera_firmwareRange<1.0.9-8

AND

ciscovideo_surveillance_8030_ip_cameraMatch-

Node

ciscovideo_surveillance_8070_ip_camera_firmwareRange<1.0.9-8

AND

ciscovideo_surveillance_8070_ip_cameraMatch-

Node

ciscovideo_surveillance_8400_ip_camera_firmwareRange<1.0.9-8

AND

ciscovideo_surveillance_8400_ip_cameraMatch-

Node

ciscovideo_surveillance_8620_ip_camera_firmwareRange<1.0.9-8

AND

ciscovideo_surveillance_8620_ip_cameraMatch-

Node

ciscovideo_surveillance_8630_ip_camera_firmwareRange<1.0.9-8

AND

ciscovideo_surveillance_8630_ip_cameraMatch-

Node

ciscovideo_surveillance_8930_speed_dome_ip_camera_firmwareRange<1.0.9-8

AND

ciscovideo_surveillance_8930_speed_dome_ip_cameraMatch-

CPENameOperatorVersion
cisco:video_surveillance_8000p_ip_camera_firmwarecisco video surveillance 8000p ip camera firmwarelt1.0.9-8

CPE	Name	Operator	Version
cisco:video_surveillance_8000p_ip_camera_firmware	cisco video surveillance 8000p ip camera firmware	lt	1.0.9-8

CNA Affected

[
  {
    "product": "Cisco Video Surveillance 8000 Series IP Cameras ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcameras-dos-9zdZcUfq

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.1%

JSON

Related for CVE-2021-1131

prion1 cisco1 cvelist1 nvd1