Lucene search

[email protected]CVE-2021-1387

HistoryFeb 24, 2021 - 8:15 p.m.

CVE-2021-1387

2021-02-2420:15:00

CWE-401

[email protected]

web.nvd.nist.gov

cisco

nx-os

software

vulnerability

network stack

dos

denial of service

remote attacker

cve-2021-1387

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.3%

JSON

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because the software improperly releases resources when it processes certain IPv6 packets that are destined to an affected device. An attacker could exploit this vulnerability by sending multiple crafted IPv6 packets to an affected device. A successful exploit could cause the network stack to run out of available buffers, impairing operations of control plane and management plane protocols and resulting in a DoS condition. Manual intervention would be required to restore normal operations on the affected device. For more information about the impact of this vulnerability, see the Details section of this advisory.

CPENameOperatorVersion
cisco:unified_computing_systemcisco unified computing systemlt4.0\(4k\)
cisco:unified_computing_systemcisco unified computing systemlt4.1\(1e\)
cisco:nx-oscisco nx-oseq7.0\(0\)n1\(1\)
cisco:nx-oscisco nx-oseq7.0\(1\)n1\(1\)
cisco:nx-oscisco nx-oseq7.0\(2\)n1\(1\)
cisco:nx-oscisco nx-oseq7.0\(3\)n1\(1\)
cisco:nx-oscisco nx-oseq7.0\(4\)n1\(1\)
cisco:nx-oscisco nx-oseq7.0\(4\)n1\(1a\)
cisco:nx-oscisco nx-oseq7.0\(5\)n1\(1\)
cisco:nx-oscisco nx-oseq7.0\(5\)n1\(1a\)

CPE	Name	Operator	Version
cisco:unified_computing_system	cisco unified computing system	lt	4.0\(4k\)
cisco:unified_computing_system	cisco unified computing system	lt	4.1\(1e\)
cisco:nx-os	cisco nx-os	eq	7.0\(0\)n1\(1\)
cisco:nx-os	cisco nx-os	eq	7.0\(1\)n1\(1\)
cisco:nx-os	cisco nx-os	eq	7.0\(2\)n1\(1\)
cisco:nx-os	cisco nx-os	eq	7.0\(3\)n1\(1\)
cisco:nx-os	cisco nx-os	eq	7.0\(4\)n1\(1\)
cisco:nx-os	cisco nx-os	eq	7.0\(4\)n1\(1a\)
cisco:nx-os	cisco nx-os	eq	7.0\(5\)n1\(1\)
cisco:nx-os	cisco nx-os	eq	7.0\(5\)n1\(1a\)

Rows per page:

1-10 of 2411

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K

Social References

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.3%

JSON

Related for CVE-2021-1387

nessus2 prion1 cisco1