Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-NCS520-TCP-ZPZZOXB
HistoryMar 24, 2021 - 4:00 p.m.

Cisco IOS XE Software for Network Convergence System 520 Routers Denial of Service Vulnerability

2021-03-2416:00:00
tools.cisco.com
47
cisco
network convergence system
ncs 520
vulnerability
dos
ingress traffic manager
web management interface
ipv4 tcp
remote attacker
software update

EPSS

0.002

Percentile

51.4%

JSON

A vulnerability in the ingress traffic manager of Cisco IOS XE Software for Cisco Network Convergence System (NCS) 520 Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the web management interface of an affected device.

This vulnerability is due to incorrect processing of certain IPv4 TCP traffic that is destined to an affected device. An attacker could exploit this vulnerability by sending a large number of crafted TCP packets to the affected device. A successful exploit could allow the attacker to cause the web management interface to become unavailable, resulting in a DoS condition.

Note: This vulnerability does not impact traffic that is going through the device or going to the Management Ethernet interface of the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs520-tcp-ZpzzOxB [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs520-tcp-ZpzzOxB”]

Affected configurations

Vulners
Node
ciscocisco_ios_xe_softwareMatch16.10
OR
ciscocisco_ios_xe_softwareMatch17.2
OR
ciscocisco_ios_xe_softwareMatchany
OR
ciscocisco_ios_xe_softwareMatch16.10.1
OR
ciscocisco_ios_xe_softwareMatch16.10.1a
OR
ciscocisco_ios_xe_softwareMatch16.10.1b
OR
ciscocisco_ios_xe_softwareMatch16.10.1s
OR
ciscocisco_ios_xe_softwareMatch16.10.1c
OR
ciscocisco_ios_xe_softwareMatch16.10.1e
OR
ciscocisco_ios_xe_softwareMatch16.10.1d
OR
ciscocisco_ios_xe_softwareMatch16.10.1f
OR
ciscocisco_ios_xe_softwareMatch16.10.1g
OR
ciscocisco_ios_xe_softwareMatch17.2.1v
OR
ciscocisco_ios_xe_softwareMatchany
VendorProductVersionCPE
ciscocisco_ios_xe_software16.10cpe:2.3:a:cisco:cisco_ios_xe_software:16.10:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.2cpe:2.3:a:cisco:cisco_ios_xe_software:17.2:*:*:*:*:*:*:*
ciscocisco_ios_xe_softwareanycpe:2.3:a:cisco:cisco_ios_xe_software:any:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10.1cpe:2.3:a:cisco:cisco_ios_xe_software:16.10.1:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10.1acpe:2.3:a:cisco:cisco_ios_xe_software:16.10.1a:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10.1bcpe:2.3:a:cisco:cisco_ios_xe_software:16.10.1b:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10.1scpe:2.3:a:cisco:cisco_ios_xe_software:16.10.1s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10.1ccpe:2.3:a:cisco:cisco_ios_xe_software:16.10.1c:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10.1ecpe:2.3:a:cisco:cisco_ios_xe_software:16.10.1e:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10.1dcpe:2.3:a:cisco:cisco_ios_xe_software:16.10.1d:*:*:*:*:*:*:*
Rows per page:
1-10 of 131

Related

nessus 1
cvelist 1
cve 1
nvd 1
prion 1
nessus
nessus
Cisco IOS XE Software for Network Convergence System 520 Routers Denial of Service (cisco-sa-ncs520-tcp-ZpzzOxB)
2021-03-24 00:00:00
cvelist
cvelist
CVE-2021-1394 Cisco IOS XE Software for Network Convergence System 520 Routers Denial of Service Vulnerability
2021-03-24 20:07:14
cve
cve
CVE-2021-1394
2021-03-24 20:15:14
nvd
nvd
CVE-2021-1394
2021-03-24 20:15:14
prion
prion
Design/Logic Flaw
2021-03-24 20:15:00

EPSS

0.002

Percentile

51.4%

JSON
Related for CISCO-SA-NCS520-TCP-ZPZZOXB
nessus1cvelist1cve1nvd1prion1