Lucene search

[email protected]NVD:CVE-2021-34720

HistorySep 09, 2021 - 5:15 a.m.

CVE-2021-34720

2021-09-0905:15:11

CWE-771

[email protected]

web.nvd.nist.gov

cisco

vulnerability

dos

ip sla

twamp

remote attacker

packet memory.

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.

Affected configurations

Nvd

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

ciscoasr_9000v-v2Match-

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9901Match-

ciscoasr_9902Match-

ciscoasr_9903Match-

ciscoasr_9904Match-

ciscoasr_9906Match-

ciscoasr_9910Match-

ciscoasr_9912Match-

ciscoasr_9922Match-

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

ciscoios_xrvMatch-

ciscoios_xrv_9000Match-

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

cisconcs_520Match-

cisconcs_540Match-

cisconcs_540_fronthaulMatch-

cisconcs_560-4Match-

cisconcs_560-7Match-

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

cisconcs_5001Match-

cisconcs_5002Match-

cisconcs_5011Match-

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

cisconcs_4009Match-

cisconcs_4016Match-

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

cisconcs_5501Match-

cisconcs_5501-seMatch-

cisconcs_5502Match-

cisconcs_5502-seMatch-

cisconcs_5508Match-

cisconcs_5516Match-

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

cisconcs_6000Match-

cisconcs_6008Match-

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

cisconcs_1001Match-

cisconcs_1002Match-

cisconcs_1004Match-

Node

ciscoios_xrRange<6.2.3

ciscoios_xrRange6.3.0–6.3.2

ciscoios_xrRange6.5.0–7.2.2

AND

cisco8101-32fhMatch-

cisco8101-32hMatch-

cisco8102-64hMatch-

cisco8201Match-

cisco8201-32fhMatch-

cisco8202Match-

cisco8804Match-

cisco8808Match-

cisco8812Match-

cisco8818Match-

VendorProductVersionCPE
ciscoios_xr*cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*
ciscoasr_9000v-v2-cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*
ciscoasr_9001-cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*
ciscoasr_9006-cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*
ciscoasr_9010-cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*
ciscoasr_9901-cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*
ciscoasr_9902-cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*
ciscoasr_9903-cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*
ciscoasr_9904-cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*
ciscoasr_9906-cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xr	*	cpe:2.3:o:cisco:ios_xr::::::::
cisco	asr_9000v-v2	-	cpe:2.3:h:cisco:asr_9000v-v2:-:::::::*
cisco	asr_9001	-	cpe:2.3:h:cisco:asr_9001:-:::::::*
cisco	asr_9006	-	cpe:2.3:h:cisco:asr_9006:-:::::::*
cisco	asr_9010	-	cpe:2.3:h:cisco:asr_9010:-:::::::*
cisco	asr_9901	-	cpe:2.3:h:cisco:asr_9901:-:::::::*
cisco	asr_9902	-	cpe:2.3:h:cisco:asr_9902:-:::::::*
cisco	asr_9903	-	cpe:2.3:h:cisco:asr_9903:-:::::::*
cisco	asr_9904	-	cpe:2.3:h:cisco:asr_9904:-:::::::*
cisco	asr_9906	-	cpe:2.3:h:cisco:asr_9906:-:::::::*

Rows per page:

1-10 of 461

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

JSON

Related for NVD:CVE-2021-34720

prion1 nessus1 cisco1 cvelist1 cve1 cnvd1