Lucene search

[email protected]NVD:CVE-2021-1622

HistorySep 23, 2021 - 3:15 a.m.

CVE-2021-1622

2021-09-2303:15:13

CWE-667

CWE-833

[email protected]

web.nvd.nist.gov

cisco

ios xe

converged broadband routers

remote attackers

denial of service

deadlock condition

cops packets

resource exhaustion

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS.

Affected configurations

Nvd

Node

ciscoios_xeRange<16.12.1z1

ciscoios_xeMatch17.3.1x

AND

cisco7600_routerMatch-

ciscoasr_901-12c-f-dMatch-

ciscoasr_901-12c-ft-dMatch-

ciscoasr_901-4c-f-dMatch-

ciscoasr_901-4c-ft-dMatch-

ciscoasr_901-6cz-f-aMatch-

ciscoasr_901-6cz-f-dMatch-

ciscoasr_901-6cz-fs-aMatch-

ciscoasr_901-6cz-fs-dMatch-

ciscoasr_901-6cz-ft-aMatch-

ciscoasr_901-6cz-ft-dMatch-

ciscocbr-8Match-

VendorProductVersionCPE
ciscoios_xe*cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
ciscoios_xe17.3.1xcpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*
cisco7600_router-cpe:2.3:h:cisco:7600_router:-:*:*:*:*:*:*:*
ciscoasr_901-12c-f-d-cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*
ciscoasr_901-12c-ft-d-cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*
ciscoasr_901-4c-f-d-cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*
ciscoasr_901-4c-ft-d-cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*
ciscoasr_901-6cz-f-a-cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*
ciscoasr_901-6cz-f-d-cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*
ciscoasr_901-6cz-fs-a-cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	*	cpe:2.3:o:cisco:ios_xe::::::::
cisco	ios_xe	17.3.1x	cpe:2.3:o:cisco:ios_xe:17.3.1x:::::::*
cisco	7600_router	-	cpe:2.3:h:cisco:7600_router:-:::::::*
cisco	asr_901-12c-f-d	-	cpe:2.3:h:cisco:asr_901-12c-f-d:-:::::::*
cisco	asr_901-12c-ft-d	-	cpe:2.3:h:cisco:asr_901-12c-ft-d:-:::::::*
cisco	asr_901-4c-f-d	-	cpe:2.3:h:cisco:asr_901-4c-f-d:-:::::::*
cisco	asr_901-4c-ft-d	-	cpe:2.3:h:cisco:asr_901-4c-ft-d:-:::::::*
cisco	asr_901-6cz-f-a	-	cpe:2.3:h:cisco:asr_901-6cz-f-a:-:::::::*
cisco	asr_901-6cz-f-d	-	cpe:2.3:h:cisco:asr_901-6cz-f-d:-:::::::*
cisco	asr_901-6cz-fs-a	-	cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:::::::*

Rows per page:

1-10 of 141

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8-cops-Vc2ZsJSx

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

JSON

Related for NVD:CVE-2021-1622

nessus1 cisco1 prion1 cvelist1 cve1