CVE-2021-1590
published 2021-08-25CVE-2021-1590: A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_nx-os_software | — | — |
| cisco | nx-os | — | — |
| cisco | nx-os | — | — |
| cisco | nx-os | — | — |
| cisco | unified_computing_system | < 4.0\(4m\) | 4.0\(4m\) |
| cisco | unified_computing_system | >= 4.1 < 4.1\(3d\) | 4.1\(3d\) |