CVE-2021-1587

Interpretation Conflict (CWE-436)

Published: Aug 25, 2021 / Updated: 39mo ago

010
CVSS 8.6EPSS 0.14%High
CVE info copied to clipboard

A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2021-1587. See article

Aug 25, 2021 at 4:06 PM / tools.cisco.com
EPSS

EPSS Score was set to: 0.14% (Percentile: 48.8%)

Sep 28, 2023 at 6:34 AM
Static CVE Timeline Graph

Affected Systems

Cisco/nx-os
+null more

Patches

tools.cisco.com
+null more

Attack Patterns

CAPEC-105: HTTP Request Splitting
+null more

News

DSA-2021-253: Dell EMC PowerFlex Rack Security Update for Multiple Third-Party ...
For RCM release information: For RCM release information:
Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service (CVE-2021-1587)
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric.
VPN Vulnerability Report 2023 - Top10VPN
Code Execution and Injection, which is the most common category of vulnerabilities across the dataset, refers to flaws and weaknesses in software that permit attackers to run malicious or arbitrary code. Some common types of vulnerabilities in this category include unauthorized users accessing or reading files they shouldn’t be able to, often due to misconfigurations or design flaws, sending data over the network without proper encryption, which can lead to information interception, and systems not sufficiently encrypting or masking sensitive data, making it easily accessible.
F5 exploit github - United Way for Clinton County
tags | exploit, remote, code execution advisories | CVE-2021-22986 Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online. . Jul 6, 2020 F5 Traffic Management User Interface (TMUI) Remote Code Execution A critical vulnerability exists (CVE-2020-5902) that can lead to Jul 7, 2020 02:26 July 6th, 2020 Further exploits released on Github .
Vulnerability Summary for the Week of August 23, 2021
Original release date: August 30, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info adobe — bridge Adobe Bridge version 11.0.2 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2021-08-20 9.3 CVE-2021-28624 MISC adobe — bridge Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2021-08-20 9.3 CVE-2021-35989 MISC adobe — bridge Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
See 24 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Changed
Confidentiality:None
Integrity:None
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI