CVE-2021-1616Protection Mechanism Failure in Cisco IOS XE

CWE-693Protection Mechanism FailureCWE-20Improper Input Validation4 documents4 sources
Severity
4.7MEDIUMNVD
EPSS
0.4%
top 37.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOS XECisco IOS XE Software
Timeline
PublishedSep 23
Latest updateMay 24

Description

A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data validation of traffic that is traversing the ALG. An attacker could exploit this vulnerability by sending crafted traffic to a targeted device. A successful exploit could allow the attacker to bypass the ALG and open connections that should not b

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDcisco/ios_xe< 17.6.1

🔴Vulnerability Details

2
GHSA
GHSA-gh89-2x3x-p7j7: A vulnerability in the H2022-05-24
CVEList
Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability2021-09-23

📋Vendor Advisories

1
Cisco
Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability2021-09-22
CVE-2021-1616 — Protection Mechanism Failure in Cisco | cvebase