Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-ZBFW-TGUGUYQ
HistorySep 22, 2021 - 4:00 p.m.

Cisco IOS XE Software Protection Against Distributed Denial of Service Attacks Feature Vulnerability

2021-09-2216:00:00
tools.cisco.com
31
cisco
ios xe
vulnerability
protection against distributed denial of service attacks
dos
software
update
advisory
remote attacker
tcp syn flood limit
exploit
security
publication.

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct denial of service (DoS) attacks to or through the affected device.

This vulnerability is due to incorrect programming of the half-opened connections limit, TCP SYN flood limit, or TCP SYN cookie features when the features are configured in vulnerable releases of Cisco IOS XE Software. An attacker could exploit this vulnerability by attempting to flood traffic to or through the affected device. A successful exploit could allow the attacker to initiate a DoS attack to or through an affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-zbfw-tguGuYq [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-zbfw-tguGuYq”]

This advisory is part of the September 2021 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2021 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74581”]

Affected configurations

Vulners
Node
ciscocisco_ios_xe_softwareMatch17.2
OR
ciscocisco_ios_xe_softwareMatch17.3
OR
ciscocisco_ios_xe_softwareMatch17.4
OR
ciscoios_xe_sd-wanMatchany
OR
ciscocisco_ios_xe_softwareMatch17.2.1
OR
ciscocisco_ios_xe_softwareMatch17.2.1r
OR
ciscocisco_ios_xe_softwareMatch17.2.1a
OR
ciscocisco_ios_xe_softwareMatch17.2.1v
OR
ciscocisco_ios_xe_softwareMatch17.2.2
OR
ciscocisco_ios_xe_softwareMatch17.2.3
OR
ciscocisco_ios_xe_softwareMatch17.3.1
OR
ciscocisco_ios_xe_softwareMatch17.3.2
OR
ciscocisco_ios_xe_softwareMatch17.3.1a
OR
ciscocisco_ios_xe_softwareMatch17.3.1w
OR
ciscocisco_ios_xe_softwareMatch17.3.2a
OR
ciscocisco_ios_xe_softwareMatch17.3.1x
OR
ciscocisco_ios_xe_softwareMatch17.3.1z
OR
ciscocisco_ios_xe_softwareMatch17.4.1
OR
ciscocisco_ios_xe_softwareMatch17.4.1a
OR
ciscocisco_ios_xe_softwareMatch17.4.1b
OR
ciscocisco_ios_xe_softwareMatch17.4.1c
OR
ciscoios_xe_sd-wanMatchany
VendorProductVersionCPE
ciscocisco_ios_xe_software17.2cpe:2.3:a:cisco:cisco_ios_xe_software:17.2:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.3cpe:2.3:a:cisco:cisco_ios_xe_software:17.3:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.4cpe:2.3:a:cisco:cisco_ios_xe_software:17.4:*:*:*:*:*:*:*
ciscoios_xe_sd-wananycpe:2.3:o:cisco:ios_xe_sd-wan:any:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.2.1cpe:2.3:a:cisco:cisco_ios_xe_software:17.2.1:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.2.1rcpe:2.3:a:cisco:cisco_ios_xe_software:17.2.1r:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.2.1acpe:2.3:a:cisco:cisco_ios_xe_software:17.2.1a:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.2.1vcpe:2.3:a:cisco:cisco_ios_xe_software:17.2.1v:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.2.2cpe:2.3:a:cisco:cisco_ios_xe_software:17.2.2:*:*:*:*:*:*:*
ciscocisco_ios_xe_software17.2.3cpe:2.3:a:cisco:cisco_ios_xe_software:17.2.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 211

Related

cnvd 1
prion 1
cvelist 1
nvd 1
cve 1
cnvd
cnvd
Cisco IOS XE Software Denial of Service Vulnerability (CNVD-2021-80665)
2021-09-24 00:00:00
prion
prion
Design/Logic Flaw
2021-09-23 03:15:00
cvelist
cvelist
CVE-2021-34697 Cisco IOS XE Software Protection Against Distributed Denial of Service Attacks Feature Vulnerability
2021-09-23 02:25:35
nvd
nvd
CVE-2021-34697
2021-09-23 03:15:16
cve
cve
CVE-2021-34697
2021-09-23 03:15:16

EPSS

0.002

Percentile

52.7%

JSON
Related for CISCO-SA-ZBFW-TGUGUYQ
cnvd1prion1cvelist1nvd1cve1