Lucene search

CiscoCVE-2021-1521

HistoryMay 06, 2021 - 1:15 p.m.

CVE-2021-1521

2021-05-0613:15:11

CWE-119

cisco

web.nvd.nist.gov

cisco

discovery protocol

vulnerability

ip cameras

dos

layer 2

nvd

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. This vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected IP camera. A successful exploit could allow the attacker to cause the affected IP camera to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Affected configurations

Nvd

Node

ciscovideo_surveillance_8400_firmwareRange<1.0.9-11

AND

ciscovideo_surveillance_8400Match-

Node

ciscovideo_surveillance_8000pMatch-

AND

ciscovideo_surveillance_8000p_firmwareRange<1.0.9-11

Node

ciscovideo_surveillance_8020Match-

AND

ciscovideo_surveillance_8020_firmwareRange<1.0.9-11

Node

ciscovideo_surveillance_8030Match-

AND

ciscovideo_surveillance_8030_firmwareRange<1.0.9-11

Node

ciscovideo_surveillance_8070Match-

AND

ciscovideo_surveillance_8070_firmwareRange<1.0.9-11

Node

ciscovideo_surveillance_8620Match-

AND

ciscovideo_surveillance_8620_firmwareRange<1.0.9-11

Node

ciscovideo_surveillance_8630Match-

AND

ciscovideo_surveillance_8630_firmwareRange<1.0.9-11

Node

ciscovideo_surveillance_8930Match-

AND

ciscovideo_surveillance_8930_firmwareRange<1.0.9-11

VendorProductVersionCPE
ciscovideo_surveillance_8400_firmware*cpe:2.3:o:cisco:video_surveillance_8400_firmware:*:*:*:*:*:*:*:*
ciscovideo_surveillance_8400-cpe:2.3:h:cisco:video_surveillance_8400:-:*:*:*:*:*:*:*
ciscovideo_surveillance_8000p-cpe:2.3:h:cisco:video_surveillance_8000p:-:*:*:*:*:*:*:*
ciscovideo_surveillance_8000p_firmware*cpe:2.3:o:cisco:video_surveillance_8000p_firmware:*:*:*:*:*:*:*:*
ciscovideo_surveillance_8020-cpe:2.3:h:cisco:video_surveillance_8020:-:*:*:*:*:*:*:*
ciscovideo_surveillance_8020_firmware*cpe:2.3:o:cisco:video_surveillance_8020_firmware:*:*:*:*:*:*:*:*
ciscovideo_surveillance_8030-cpe:2.3:h:cisco:video_surveillance_8030:-:*:*:*:*:*:*:*
ciscovideo_surveillance_8030_firmware*cpe:2.3:o:cisco:video_surveillance_8030_firmware:*:*:*:*:*:*:*:*
ciscovideo_surveillance_8070-cpe:2.3:h:cisco:video_surveillance_8070:-:*:*:*:*:*:*:*
ciscovideo_surveillance_8070_firmware*cpe:2.3:o:cisco:video_surveillance_8070_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	video_surveillance_8400_firmware	*	cpe:2.3:o:cisco:video_surveillance_8400_firmware::::::::
cisco	video_surveillance_8400	-	cpe:2.3:h:cisco:video_surveillance_8400:-:::::::*
cisco	video_surveillance_8000p	-	cpe:2.3:h:cisco:video_surveillance_8000p:-:::::::*
cisco	video_surveillance_8000p_firmware	*	cpe:2.3:o:cisco:video_surveillance_8000p_firmware::::::::
cisco	video_surveillance_8020	-	cpe:2.3:h:cisco:video_surveillance_8020:-:::::::*
cisco	video_surveillance_8020_firmware	*	cpe:2.3:o:cisco:video_surveillance_8020_firmware::::::::
cisco	video_surveillance_8030	-	cpe:2.3:h:cisco:video_surveillance_8030:-:::::::*
cisco	video_surveillance_8030_firmware	*	cpe:2.3:o:cisco:video_surveillance_8030_firmware::::::::
cisco	video_surveillance_8070	-	cpe:2.3:h:cisco:video_surveillance_8070:-:::::::*
cisco	video_surveillance_8070_firmware	*	cpe:2.3:o:cisco:video_surveillance_8070_firmware::::::::

Rows per page:

1-10 of 161

CNA Affected

[
  {
    "product": "Cisco Video Surveillance 8000 Series IP Cameras",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcameras-dos-fc3F6LzT

Social References

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

Related for CVE-2021-1521