Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-1588
HistoryAug 25, 2021 - 8:15 p.m.

CVE-2021-1588

2021-08-2520:15:11
CWE-20
CWE-126
CWE-125
[email protected]
web.nvd.nist.gov
24
4
cve-2021-1588
vulnerability
mpls
oam
cisco
nx-os
software
remote attack
dos

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.6%

JSON

A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.

Affected configurations

NVD
Node
cisconx-osMatch7.0\(3\)i7\(9\)
OR
cisconx-osMatch8.4\(1\)
OR
cisconx-osMatch9.3\(7\)
AND
cisconexus_3000Match-
OR
cisconexus_3048Match-
OR
cisconexus_31108pc-vMatch-
OR
cisconexus_31108tc-vMatch-
OR
cisconexus_31128pqMatch-
OR
cisconexus_3132c-zMatch-
OR
cisconexus_3132q-vMatch-
OR
cisconexus_3132q-x\/3132q-xlMatch-
OR
cisconexus_3164qMatch-
OR
cisconexus_3172pq\/pq-xlMatch-
OR
cisconexus_3172tq-xlMatch-
OR
cisconexus_3232cMatch-
OR
cisconexus_3264c-eMatch-
OR
cisconexus_3264qMatch-
OR
cisconexus_3408-sMatch-
OR
cisconexus_34180ycMatch-
OR
cisconexus_3432d-sMatch-
OR
cisconexus_3464cMatch-
OR
cisconexus_3524-x\/xlMatch-
OR
cisconexus_3548-x\/xlMatch-
OR
cisconexus_36180yc-rMatch-
OR
cisconexus_3636c-rMatch-
OR
cisconexus_7000_10-slotMatch-
OR
cisconexus_7000_18-slotMatch-
OR
cisconexus_7000_4-slotMatch-
OR
cisconexus_7000_9-slotMatch-
OR
cisconexus_9000vMatch-
OR
cisconexus_92160yc-xMatch-
OR
cisconexus_92300ycMatch-
OR
cisconexus_92304qcMatch-
OR
cisconexus_92348gc-xMatch-
OR
cisconexus_9236cMatch-
OR
cisconexus_9272qMatch-
OR
cisconexus_93108tc-exMatch-
OR
cisconexus_93108tc-ex-24Match-
OR
cisconexus_93108tc-fxMatch-
OR
cisconexus_93108tc-fx-24Match-
OR
cisconexus_93108tc-fx3pMatch-
OR
cisconexus_93120txMatch-
OR
cisconexus_93128txMatch-
OR
cisconexus_9316d-gxMatch-
OR
cisconexus_93180lc-exMatch-
OR
cisconexus_93180yc-exMatch-
OR
cisconexus_93180yc-ex-24Match-
OR
cisconexus_93180yc-fxMatch-
OR
cisconexus_93180yc-fx-24Match-
OR
cisconexus_93180yc-fx3Match-
OR
cisconexus_93180yc-fx3sMatch-
OR
cisconexus_93216tc-fx2Match-
OR
cisconexus_93240yc-fx2Match-
OR
cisconexus_9332cMatch-
OR
cisconexus_9332pqMatch-
OR
cisconexus_93360yc-fx2Match-
OR
cisconexus_9336c-fx2Match-
OR
cisconexus_9336c-fx2-eMatch-
OR
cisconexus_9348gc-fxpMatch-
OR
cisconexus_93600cd-gxMatch-
OR
cisconexus_9364cMatch-
OR
cisconexus_9364c-gxMatch-
OR
cisconexus_9372pxMatch-
OR
cisconexus_9372px-eMatch-
OR
cisconexus_9372txMatch-
OR
cisconexus_9372tx-eMatch-
OR
cisconexus_9396pxMatch-
OR
cisconexus_9396txMatch-
OR
cisconexus_9508Match-

CNA Affected

[
  {
    "product": "Cisco NX-OS Software ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Social References

More

Related

nessus 2
prion 1
cisco 1
cvelist 1
cnvd 1
nvd 1
nessus
nessus
Cisco NX-OS Software MPLS OAM DoS (cisco-sa-nxos-mpls-oam-dos-sGO9x5GM)
2022-02-11 00:00:00
Cisco NX-OS Software MPLS OAM Denial of Service (CVE-2021-1588)
2023-07-25 00:00:00
prion
prion
Input validation
2021-08-25 20:15:00
cisco
cisco
Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability
2021-08-25 16:00:00
cvelist
cvelist
CVE-2021-1588 Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability
2021-08-25 00:00:00
cnvd
cnvd
Cisco NX-OS Software Denial of Service Vulnerability (CNVD-2021-68723)
2021-08-26 00:00:00
nvd
nvd
CVE-2021-1588
2021-08-25 20:15:11

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.6%

JSON
Related for CVE-2021-1588
nessus2prion1cisco1cvelist1cnvd1nvd1