CVE-2021-1460

CWE-400Uncontrolled Resource ConsumptionCWE-4025 documents5 sources
Severity
7.5HIGH
EPSS
0.2%
top 59.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Cisco Cgr1000 FirmwareCisco Ic3000 Industrial Compute Gateway FirmwareCisco IOS+1 more
Timeline
PublishedMar 24
Latest updateMar 25

Description

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustai

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

NVDcisco/cgr1000_firmware< 1.12.0.3
NVDcisco/ios< 15.9\(3\)m3
CVEListV5cisco/cisco_iosn/a

🔴Vulnerability Details

2
GHSA
GHSA-phf8-xfvh-mfwq: A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISR2022-05-24
CVEList
Cisco IOx Application Framework Denial of Service Vulnerability2021-03-24

📋Vendor Advisories

2
Red Hat
kernel: net: usb: fix memory leak in smsc75xx_bind2024-03-25
Cisco
Cisco IOx Application Framework Denial of Service Vulnerability2021-03-24