CVE-2021-1523

CWE-7724 documents4 sources

Severity

8.6HIGH

EPSS

0.5%

top 32.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Cisco Nx-os System Software IN ACI Mode Cisco Nx-os

Timeline

PublishedAug 25

Latest updateMay 24

Description

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a s…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5cisco/cisco_nx-os_system_software_in_aci_moden/a

▶NVDcisco/nx-os13.2\(3n\), 14.2\(4i\)+1

🔴Vulnerability Details

GHSA

GHSA-f58x-5qwh-88r6: A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote att↗2022-05-24

▶

CVEList

Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability↗2021-08-25

▶

📋Vendor Advisories

Cisco

Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability↗2021-08-25

▶