Lucene search

[email protected]CVE-2021-1446

HistoryMar 24, 2021 - 8:15 p.m.

CVE-2021-1446

2021-03-2420:15:15

CWE-754

[email protected]

web.nvd.nist.gov

cisco

ios xe

software

vulnerability

remote attacker

dns packets

nat

dos

ipv4

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

48.7%

JSON

A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected device inspects certain DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through an affected device that is performing NAT for DNS packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability can be exploited only by traffic that is sent through an affected device via IPv4 packets. The vulnerability cannot be exploited via IPv6 traffic.

Affected configurations

NVD

Node

ciscoios_xeMatch3.7.0bs

ciscoios_xeMatch3.7.0s

ciscoios_xeMatch3.7.0xas

ciscoios_xeMatch3.7.0xbs

ciscoios_xeMatch3.7.1as

ciscoios_xeMatch3.7.1s

ciscoios_xeMatch3.7.2s

ciscoios_xeMatch3.7.2ts

ciscoios_xeMatch3.7.3s

ciscoios_xeMatch3.7.4as

ciscoios_xeMatch3.7.4s

ciscoios_xeMatch3.7.5s

ciscoios_xeMatch3.7.6s

ciscoios_xeMatch3.7.7s

ciscoios_xeMatch3.7.8s

ciscoios_xeMatch3.8.0s

ciscoios_xeMatch3.8.1s

ciscoios_xeMatch3.8.2s

ciscoios_xeMatch3.9.0as

ciscoios_xeMatch3.9.0s

ciscoios_xeMatch3.9.0xas

ciscoios_xeMatch3.9.1as

ciscoios_xeMatch3.9.1s

ciscoios_xeMatch3.9.2s

ciscoios_xeMatch3.10.0s

ciscoios_xeMatch3.10.1s

ciscoios_xeMatch3.10.1xbs

ciscoios_xeMatch3.10.1xcs

ciscoios_xeMatch3.10.2as

ciscoios_xeMatch3.10.2s

ciscoios_xeMatch3.10.2ts

ciscoios_xeMatch3.10.3s

ciscoios_xeMatch3.10.4s

ciscoios_xeMatch3.10.5s

ciscoios_xeMatch3.10.6s

ciscoios_xeMatch3.10.7s

ciscoios_xeMatch3.10.8as

ciscoios_xeMatch3.10.8s

ciscoios_xeMatch3.10.9s

ciscoios_xeMatch3.10.10s

ciscoios_xeMatch3.11.0s

ciscoios_xeMatch3.11.1s

ciscoios_xeMatch3.11.2s

ciscoios_xeMatch3.11.3s

ciscoios_xeMatch3.11.4s

ciscoios_xeMatch3.12.0as

ciscoios_xeMatch3.12.0s

ciscoios_xeMatch3.12.1s

ciscoios_xeMatch3.12.2s

ciscoios_xeMatch3.12.3s

ciscoios_xeMatch3.12.4s

ciscoios_xeMatch3.13.0as

ciscoios_xeMatch3.13.0s

ciscoios_xeMatch3.13.1s

ciscoios_xeMatch3.13.2as

ciscoios_xeMatch3.13.2s

ciscoios_xeMatch3.13.3s

ciscoios_xeMatch3.13.4s

ciscoios_xeMatch3.13.5as

ciscoios_xeMatch3.13.5s

ciscoios_xeMatch3.13.6as

ciscoios_xeMatch3.13.6bs

ciscoios_xeMatch3.13.6s

ciscoios_xeMatch3.13.7as

ciscoios_xeMatch3.13.7s

ciscoios_xeMatch3.13.8s

ciscoios_xeMatch3.13.9s

ciscoios_xeMatch3.13.10s

ciscoios_xeMatch3.14.0s

ciscoios_xeMatch3.14.1s

ciscoios_xeMatch3.14.2s

ciscoios_xeMatch3.14.3s

ciscoios_xeMatch3.14.4s

ciscoios_xeMatch3.15.0s

ciscoios_xeMatch3.15.1cs

ciscoios_xeMatch3.15.1s

ciscoios_xeMatch3.15.1xbs

ciscoios_xeMatch3.15.2s

ciscoios_xeMatch3.15.2xbs

ciscoios_xeMatch3.15.3s

ciscoios_xeMatch3.15.4s

ciscoios_xeMatch3.16.0as

ciscoios_xeMatch3.16.0bs

ciscoios_xeMatch3.16.0cs

ciscoios_xeMatch3.16.0s

ciscoios_xeMatch3.16.1as

ciscoios_xeMatch3.16.1s

ciscoios_xeMatch3.16.2as

ciscoios_xeMatch3.16.2bs

ciscoios_xeMatch3.16.2s

ciscoios_xeMatch3.16.3as

ciscoios_xeMatch3.16.3s

ciscoios_xeMatch3.16.4as

ciscoios_xeMatch3.16.4bs

ciscoios_xeMatch3.16.4cs

ciscoios_xeMatch3.16.4ds

ciscoios_xeMatch3.16.4es

ciscoios_xeMatch3.16.4gs

ciscoios_xeMatch3.16.4s

ciscoios_xeMatch3.16.5as

ciscoios_xeMatch3.16.5bs

ciscoios_xeMatch3.16.5s

ciscoios_xeMatch3.16.6bs

ciscoios_xeMatch3.16.6s

ciscoios_xeMatch3.16.7as

ciscoios_xeMatch3.16.7bs

ciscoios_xeMatch3.16.7s

ciscoios_xeMatch3.16.8s

ciscoios_xeMatch3.16.9s

ciscoios_xeMatch3.16.10as

ciscoios_xeMatch3.16.10s

ciscoios_xeMatch3.17.0s

ciscoios_xeMatch3.17.1as

ciscoios_xeMatch3.17.1s

ciscoios_xeMatch3.17.2s

ciscoios_xeMatch3.17.3s

ciscoios_xeMatch3.17.4s

ciscoios_xeMatch3.18.0as

ciscoios_xeMatch3.18.0s

ciscoios_xeMatch3.18.0sp

ciscoios_xeMatch3.18.1asp

ciscoios_xeMatch3.18.1bsp

ciscoios_xeMatch3.18.1csp

ciscoios_xeMatch3.18.1gsp

ciscoios_xeMatch3.18.1hsp

ciscoios_xeMatch3.18.1isp

ciscoios_xeMatch3.18.1s

ciscoios_xeMatch3.18.1sp

ciscoios_xeMatch3.18.2asp

ciscoios_xeMatch3.18.2s

ciscoios_xeMatch3.18.2sp

ciscoios_xeMatch3.18.3asp

ciscoios_xeMatch3.18.3bsp

ciscoios_xeMatch3.18.3s

ciscoios_xeMatch3.18.3sp

ciscoios_xeMatch3.18.4s

ciscoios_xeMatch3.18.4sp

ciscoios_xeMatch3.18.5sp

ciscoios_xeMatch3.18.6sp

ciscoios_xeMatch3.18.7sp

ciscoios_xeMatch3.18.8asp

ciscoios_xeMatch3.18.8sp

ciscoios_xeMatch16.1.1

ciscoios_xeMatch16.1.2

ciscoios_xeMatch16.1.3

ciscoios_xeMatch16.2.1

ciscoios_xeMatch16.2.2

ciscoios_xeMatch16.3.1

ciscoios_xeMatch16.3.1a

ciscoios_xeMatch16.3.2

ciscoios_xeMatch16.3.3

ciscoios_xeMatch16.3.4

ciscoios_xeMatch16.3.5

ciscoios_xeMatch16.3.5b

ciscoios_xeMatch16.3.6

ciscoios_xeMatch16.3.7

ciscoios_xeMatch16.3.8

ciscoios_xeMatch16.3.9

ciscoios_xeMatch16.3.10

ciscoios_xeMatch16.3.11

ciscoios_xeMatch16.4.1

ciscoios_xeMatch16.4.2

ciscoios_xeMatch16.4.3

ciscoios_xeMatch16.5.1

ciscoios_xeMatch16.5.1a

ciscoios_xeMatch16.5.1b

ciscoios_xeMatch16.5.2

ciscoios_xeMatch16.5.3

ciscoios_xeMatch16.6.1

ciscoios_xeMatch16.6.2

ciscoios_xeMatch16.6.3

ciscoios_xeMatch16.6.4

ciscoios_xeMatch16.6.4a

ciscoios_xeMatch16.6.4s

ciscoios_xeMatch16.6.5

ciscoios_xeMatch16.6.5a

ciscoios_xeMatch16.6.5b

ciscoios_xeMatch16.6.6

ciscoios_xeMatch16.6.7

ciscoios_xeMatch16.6.7a

ciscoios_xeMatch16.6.8

ciscoios_xeMatch16.7.1

ciscoios_xeMatch16.7.1a

ciscoios_xeMatch16.7.1b

ciscoios_xeMatch16.7.2

ciscoios_xeMatch16.7.3

ciscoios_xeMatch16.7.4

ciscoios_xeMatch16.8.1

ciscoios_xeMatch16.8.1a

ciscoios_xeMatch16.8.1b

ciscoios_xeMatch16.8.1c

ciscoios_xeMatch16.8.1d

ciscoios_xeMatch16.8.1e

ciscoios_xeMatch16.8.1s

ciscoios_xeMatch16.8.2

ciscoios_xeMatch16.8.3

ciscoios_xeMatch16.9.1

ciscoios_xeMatch16.9.1a

ciscoios_xeMatch16.9.1b

ciscoios_xeMatch16.9.1c

ciscoios_xeMatch16.9.1d

ciscoios_xeMatch16.9.1s

ciscoios_xeMatch16.9.2

ciscoios_xeMatch16.9.2a

ciscoios_xeMatch16.9.2s

ciscoios_xeMatch16.9.3

ciscoios_xeMatch16.9.3a

ciscoios_xeMatch16.9.3h

ciscoios_xeMatch16.9.3s

ciscoios_xeMatch16.9.4

ciscoios_xeMatch16.9.4c

ciscoios_xeMatch16.9.5

ciscoios_xeMatch16.9.5f

ciscoios_xeMatch16.9.6

ciscoios_xeMatch16.10.1

ciscoios_xeMatch16.10.1a

ciscoios_xeMatch16.10.1b

ciscoios_xeMatch16.10.1c

ciscoios_xeMatch16.10.1d

ciscoios_xeMatch16.10.1e

ciscoios_xeMatch16.10.1f

ciscoios_xeMatch16.10.1g

ciscoios_xeMatch16.10.1s

ciscoios_xeMatch16.10.2

ciscoios_xeMatch16.10.3

ciscoios_xeMatch16.11.1

ciscoios_xeMatch16.11.1a

ciscoios_xeMatch16.11.1b

ciscoios_xeMatch16.11.1c

ciscoios_xeMatch16.11.1s

ciscoios_xeMatch16.11.2

ciscoios_xeMatch16.12.1

ciscoios_xeMatch16.12.1a

ciscoios_xeMatch16.12.1c

ciscoios_xeMatch16.12.1s

ciscoios_xeMatch16.12.1t

ciscoios_xeMatch16.12.1w

ciscoios_xeMatch16.12.1x

ciscoios_xeMatch16.12.1y

ciscoios_xeMatch16.12.1z

ciscoios_xeMatch16.12.1z1

ciscoios_xeMatch16.12.1za

ciscoios_xeMatch16.12.2

ciscoios_xeMatch16.12.2a

ciscoios_xeMatch16.12.2s

ciscoios_xeMatch16.12.2t

ciscoios_xeMatch16.12.3

ciscoios_xeMatch16.12.3a

ciscoios_xeMatch16.12.3s

ciscoios_xeMatch16.12.4

ciscoios_xeMatch16.12.4a

ciscoios_xeMatch17.1.1

ciscoios_xeMatch17.1.1a

ciscoios_xeMatch17.1.1s

ciscoios_xeMatch17.1.1t

ciscoios_xeMatch17.1.2

ciscoios_xeMatch17.2.1

ciscoios_xeMatch17.2.1a

ciscoios_xeMatch17.2.1r

ciscoios_xeMatch17.2.1v

ciscoios_xeMatch17.2.2

ciscoios_xeMatch17.2.3

ciscoios_xeMatch17.3.1

ciscoios_xeMatch17.3.1a

ciscoios_xeMatch17.3.1w

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq3.7.0bs
cisco:ios_xecisco ios xeeq3.7.0s
cisco:ios_xecisco ios xeeq3.7.0xas
cisco:ios_xecisco ios xeeq3.7.0xbs
cisco:ios_xecisco ios xeeq3.7.1as
cisco:ios_xecisco ios xeeq3.7.1s
cisco:ios_xecisco ios xeeq3.7.2s
cisco:ios_xecisco ios xeeq3.7.2ts
cisco:ios_xecisco ios xeeq3.7.3s
cisco:ios_xecisco ios xeeq3.7.4as

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	3.7.0bs
cisco:ios_xe	cisco ios xe	eq	3.7.0s
cisco:ios_xe	cisco ios xe	eq	3.7.0xas
cisco:ios_xe	cisco ios xe	eq	3.7.0xbs
cisco:ios_xe	cisco ios xe	eq	3.7.1as
cisco:ios_xe	cisco ios xe	eq	3.7.1s
cisco:ios_xe	cisco ios xe	eq	3.7.2s
cisco:ios_xe	cisco ios xe	eq	3.7.2ts
cisco:ios_xe	cisco ios xe	eq	3.7.3s
cisco:ios_xe	cisco ios xe	eq	3.7.4as

Rows per page:

1-10 of 2651

CNA Affected

[
  {
    "product": "Cisco IOS XE Software ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-alg-dos-hbBS7SZE

Social References

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

48.7%

JSON

Related for CVE-2021-1446

nessus1 prion1 cisco1 nvd1 cvelist1 ics1