Lucene search

[email protected]NVD:CVE-2021-34713

HistorySep 09, 2021 - 5:15 a.m.

CVE-2021-34713

2021-09-0905:15:10

CWE-399

[email protected]

web.nvd.nist.gov

cisco

asr 9000

vulnerability

unauthenticated attacker

line card reboot

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.

Affected configurations

Nvd

Node

ciscoasr_9000Match-

ciscoasr_9000v-v2Match-

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9901Match-

ciscoasr_9902Match-

ciscoasr_9903Match-

ciscoasr_9904Match-

ciscoasr_9906Match-

ciscoasr_9910Match-

ciscoasr_9912Match-

ciscoasr_9922Match-

AND

ciscoios_xrRange6.4–6.6.3

ciscoios_xrRange6.7–6.7.1

ciscoios_xrRange7.0–7.0.2

ciscoios_xrRange7.1–7.1.1

VendorProductVersionCPE
ciscoasr_9000-cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*
ciscoasr_9000v-v2-cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*
ciscoasr_9001-cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*
ciscoasr_9006-cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*
ciscoasr_9010-cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*
ciscoasr_9901-cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*
ciscoasr_9902-cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*
ciscoasr_9903-cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*
ciscoasr_9904-cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*
ciscoasr_9906-cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	asr_9000	-	cpe:2.3:h:cisco:asr_9000:-:::::::*
cisco	asr_9000v-v2	-	cpe:2.3:h:cisco:asr_9000v-v2:-:::::::*
cisco	asr_9001	-	cpe:2.3:h:cisco:asr_9001:-:::::::*
cisco	asr_9006	-	cpe:2.3:h:cisco:asr_9006:-:::::::*
cisco	asr_9010	-	cpe:2.3:h:cisco:asr_9010:-:::::::*
cisco	asr_9901	-	cpe:2.3:h:cisco:asr_9901:-:::::::*
cisco	asr_9902	-	cpe:2.3:h:cisco:asr_9902:-:::::::*
cisco	asr_9903	-	cpe:2.3:h:cisco:asr_9903:-:::::::*
cisco	asr_9904	-	cpe:2.3:h:cisco:asr_9904:-:::::::*
cisco	asr_9906	-	cpe:2.3:h:cisco:asr_9906:-:::::::*

Rows per page:

1-10 of 141

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

Related for NVD:CVE-2021-34713

cve1 nessus1 cisco1 prion1 cvelist1