CVE-2021-1446Improper Check for Unusual or Exceptional Conditions in Cisco IOS XE Software

CWE-754Improper Check for Unusual or Exceptional Conditions4 documents4 sources
Severity
7.5HIGHNVD
CNA8.6
EPSS
0.3%
top 48.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOS XE SoftwareCisco IOS XE
Timeline
PublishedMar 24
Latest updateMay 24

Description

A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected device inspects certain DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through an affected device that is performing NAT for DNS packets. A successful exploit c

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDcisco/ios_xe265 versions+264

🔴Vulnerability Details

2
GHSA
GHSA-m3m6-h5x2-mhf5: A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allo2022-05-24
CVEList
Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability2021-03-24

📋Vendor Advisories

1
Cisco
Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability2021-03-24
CVE-2021-1446 — Cisco IOS XE Software vulnerability | cvebase