Lucene search

CiscoCVE-2021-1352

HistoryMar 24, 2021 - 9:15 p.m.

CVE-2021-1352

2021-03-2421:15:11

CWE-119

CWE-823

cisco

web.nvd.nist.gov

cve-2021-1352

vulnerability

decnet

cisco ios xe software

dos

nvd

security

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability in the DECnet Phase IV and DECnet/OSI protocol processing of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of DECnet traffic that is received by an affected device. An attacker could exploit this vulnerability by sending DECnet traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Affected configurations

Nvd

Node

ciscoios_xeMatch16.4.1

ciscoios_xeMatch16.4.2

ciscoios_xeMatch16.4.3

ciscoios_xeMatch16.5.1

ciscoios_xeMatch16.5.1a

ciscoios_xeMatch16.5.1b

ciscoios_xeMatch16.5.2

ciscoios_xeMatch16.5.3

ciscoios_xeMatch16.6.1

ciscoios_xeMatch16.6.2

ciscoios_xeMatch16.6.3

ciscoios_xeMatch16.6.4

ciscoios_xeMatch16.6.4a

ciscoios_xeMatch16.6.4s

ciscoios_xeMatch16.6.5

ciscoios_xeMatch16.6.5a

ciscoios_xeMatch16.6.5b

ciscoios_xeMatch16.6.6

ciscoios_xeMatch16.6.7

ciscoios_xeMatch16.6.7a

ciscoios_xeMatch16.6.8

ciscoios_xeMatch16.7.1

ciscoios_xeMatch16.7.2

ciscoios_xeMatch16.7.3

ciscoios_xeMatch16.8.1

ciscoios_xeMatch16.8.1a

ciscoios_xeMatch16.8.1b

ciscoios_xeMatch16.8.1c

ciscoios_xeMatch16.8.1s

ciscoios_xeMatch16.8.2

ciscoios_xeMatch16.8.3

ciscoios_xeMatch16.9.1

ciscoios_xeMatch16.9.1a

ciscoios_xeMatch16.9.1b

ciscoios_xeMatch16.9.1c

ciscoios_xeMatch16.9.1d

ciscoios_xeMatch16.9.1s

ciscoios_xeMatch16.9.2

ciscoios_xeMatch16.9.2a

ciscoios_xeMatch16.9.2s

ciscoios_xeMatch16.9.3

ciscoios_xeMatch16.9.3a

ciscoios_xeMatch16.9.3h

ciscoios_xeMatch16.9.3s

ciscoios_xeMatch16.9.4

ciscoios_xeMatch16.9.4c

ciscoios_xeMatch16.9.5

ciscoios_xeMatch16.9.5f

ciscoios_xeMatch16.9.6

ciscoios_xeMatch16.10.1

ciscoios_xeMatch16.10.1a

ciscoios_xeMatch16.10.1b

ciscoios_xeMatch16.10.1e

ciscoios_xeMatch16.10.1s

ciscoios_xeMatch16.10.2

ciscoios_xeMatch16.10.3

ciscoios_xeMatch16.11.1

ciscoios_xeMatch16.11.1a

ciscoios_xeMatch16.11.1b

ciscoios_xeMatch16.11.1c

ciscoios_xeMatch16.11.1s

ciscoios_xeMatch16.11.2

ciscoios_xeMatch16.12.1

ciscoios_xeMatch16.12.1a

ciscoios_xeMatch16.12.1c

ciscoios_xeMatch16.12.1s

ciscoios_xeMatch16.12.1t

ciscoios_xeMatch16.12.2

ciscoios_xeMatch16.12.2a

ciscoios_xeMatch16.12.2s

ciscoios_xeMatch16.12.2t

ciscoios_xeMatch16.12.3

ciscoios_xeMatch16.12.3a

ciscoios_xeMatch16.12.3s

ciscoios_xeMatch16.12.4

ciscoios_xeMatch16.12.4a

ciscoios_xeMatch17.1.1

ciscoios_xeMatch17.1.1a

ciscoios_xeMatch17.1.1s

ciscoios_xeMatch17.1.1t

ciscoios_xeMatch17.1.2

ciscoios_xeMatch17.2.1

ciscoios_xeMatch17.2.1a

ciscoios_xeMatch17.2.1r

ciscoios_xeMatch17.2.1v

ciscoios_xeMatch17.2.2

ciscoios_xeMatch17.2.3

ciscoios_xeMatch17.3.1

ciscoios_xeMatch17.3.1a

VendorProductVersionCPE
ciscoios_xe16.4.1cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*
ciscoios_xe16.4.2cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*
ciscoios_xe16.4.3cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*
ciscoios_xe16.5.1cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*
ciscoios_xe16.5.1acpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*
ciscoios_xe16.5.1bcpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*
ciscoios_xe16.5.2cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*
ciscoios_xe16.5.3cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*
ciscoios_xe16.6.1cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*
ciscoios_xe16.6.2cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	16.4.1	cpe:2.3:o:cisco:ios_xe:16.4.1:::::::*
cisco	ios_xe	16.4.2	cpe:2.3:o:cisco:ios_xe:16.4.2:::::::*
cisco	ios_xe	16.4.3	cpe:2.3:o:cisco:ios_xe:16.4.3:::::::*
cisco	ios_xe	16.5.1	cpe:2.3:o:cisco:ios_xe:16.5.1:::::::*
cisco	ios_xe	16.5.1a	cpe:2.3:o:cisco:ios_xe:16.5.1a:::::::*
cisco	ios_xe	16.5.1b	cpe:2.3:o:cisco:ios_xe:16.5.1b:::::::*
cisco	ios_xe	16.5.2	cpe:2.3:o:cisco:ios_xe:16.5.2:::::::*
cisco	ios_xe	16.5.3	cpe:2.3:o:cisco:ios_xe:16.5.3:::::::*
cisco	ios_xe	16.6.1	cpe:2.3:o:cisco:ios_xe:16.6.1:::::::*
cisco	ios_xe	16.6.2	cpe:2.3:o:cisco:ios_xe:16.6.2:::::::*

Rows per page:

1-10 of 891

CNA Affected

[
  {
    "product": "Cisco IOS XE Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-decnet-dos-cuPWDkyL

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

Related for CVE-2021-1352