CVE-2021-1586 - Vulnerability Details

Vendors	Products
Cisco	Nexus 9000v Nexus 92160yc-x Nexus 92300yc Nexus 92304qc Nexus 92348gc-x Nexus 9236c Nexus 9272q Nexus 93108tc-ex Nexus 93108tc-ex-24 Nexus 93108tc-fx Nexus 93108tc-fx-24 Nexus 93108tc-fx3p Nexus 93120tx Nexus 93128tx Nexus 9316d-gx Nexus 93180lc-ex Nexus 93180yc-ex Nexus 93180yc-ex-24 Nexus 93180yc-fx Nexus 93180yc-fx-24 Nexus 93180yc-fx3 Nexus 93180yc-fx3s Nexus 93216tc-fx2 Nexus 93240yc-fx2 Nexus 9332c Nexus 9332pq Nexus 93360yc-fx2 Nexus 9336c-fx2 Nexus 9336c-fx2-e Nexus 9348gc-fxp Nexus 93600cd-gx Nexus 9364c Nexus 9364c-gx Nexus 9372px Nexus 9372px-e Nexus 9372tx Nexus 9372tx-e Nexus 9396px Nexus 9396tx Nexus 9508 Nx-os

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Cisco NX-OS System Software in ACI Mode", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2021-08-25T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-345", "description": "CWE-345", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-25T19:10:59", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"}], "source": {"advisory": "cisco-sa-n9kaci-tcp-dos-YXukt6gM", "defect": [["CSCvw87983"]], "discovery": "INTERNAL"}, "title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-08-25T16:00:00", "ID": "CVE-2021-1586", "STATE": "PUBLIC", "TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco NX-OS System Software in ACI Mode", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "8.6", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-345"}]}]}, "references": {"reference_data": [{"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"}]}, "source": {"advisory": "cisco-sa-n9kaci-tcp-dos-YXukt6gM", "defect": [["CSCvw87983"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T16:18:10.396Z"}, "title": "CVE Program Container", "references": [{"name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-07T21:54:28.309256Z", "id": "CVE-2021-1586", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T22:02:32.217Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1586", "datePublished": "2021-08-25T19:10:59.639835Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-07T22:02:32.217Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Cisco NX-OS System Software in ACI Mode (string)

vendor : Cisco (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2021-08-25T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition. (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 8.6 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H (string)

version : 3.1 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-345 (string)

description : CWE-345 (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-08-25T19:10:59 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

}

]

source : { »

advisory : cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

defect : [ »

0 : [ »

0 : CSCvw87983 (string)

]

discovery : INTERNAL (string)

}

title : Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

DATE_PUBLIC : 2021-08-25T16:00:00 (string)

ID : CVE-2021-1586 (string)

STATE : PUBLIC (string)

TITLE : Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Cisco NX-OS System Software in ACI Mode (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : Cisco (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition. (string)

}

]

}

exploit : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

impact : { »

cvss : { »

baseScore : 8.6 (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H (string)

version : 3.0 (string)

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : CWE-345 (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

refsource : CISCO (string)

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

}

]

}

source : { »

advisory : cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

defect : [ »

0 : [ »

0 : CSCvw87983 (string)

]

discovery : INTERNAL (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T16:18:10.396Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-11-07T21:54:28.309256Z (string)

id : CVE-2021-1586 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : yes (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-11-07T22:02:32.217Z (string)

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2021-1586 (string)

datePublished : 2021-08-25T19:10:59.639835Z (string)

dateReserved : 2020-11-13T00:00:00 (string)

dateUpdated : 2024-11-07T22:02:32.217Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM", "name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T16:18:10.396Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-1586", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-07T21:54:28.309256Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T21:45:34.480Z"}}], "cna": {"title": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "source": {"defect": [["CSCvw87983"]], "advisory": "cisco-sa-n9kaci-tcp-dos-YXukt6gM", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco NX-OS System Software in ACI Mode", "versions": [{"status": "affected", "version": "n/a"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "datePublic": "2021-08-25T00:00:00", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM", "name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-345", "description": "CWE-345"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2021-08-25T19:10:59"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "8.6", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}}, "source": {"defect": [["CSCvw87983"]], "advisory": "cisco-sa-n9kaci-tcp-dos-YXukt6gM", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "Cisco NX-OS System Software in ACI Mode"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM", "name": "20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-345"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-1586", "STATE": "PUBLIC", "TITLE": "Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-08-25T16:00:00"}}}}, "cveMetadata": {"cveId": "CVE-2021-1586", "state": "PUBLISHED", "dateUpdated": "2024-11-07T22:02:32.217Z", "dateReserved": "2020-11-13T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2021-08-25T19:10:59.639835Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

name : 20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T16:18:10.396Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-1586 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : yes (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-11-07T21:54:28.309256Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-11-07T21:45:34.480Z (string)

}

]

cna : { »

title : Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

source : { »

defect : [ »

0 : [ »

0 : CSCvw87983 (string)

]

advisory : cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

discovery : INTERNAL (string)

}

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : CHANGED (string)

version : 3.1 (string)

baseScore : 8.6 (number)

attackVector : NETWORK (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H (string)

integrityImpact : NONE (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : NONE (string)

confidentialityImpact : NONE (string)

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco NX-OS System Software in ACI Mode (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

datePublic : 2021-08-25T00:00:00 (string)

references : [ »

0 : { »

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

name : 20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-345 (string)

description : CWE-345 (string)

}

]

}

]

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2021-08-25T19:10:59 (string)

}

x_legacyV4Record : { »

impact : { »

cvss : { »

version : 3.0 (string)

baseScore : 8.6 (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H (string)

}

source : { »

defect : [ »

0 : [ »

0 : CSCvw87983 (string)

]

advisory : cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

discovery : INTERNAL (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

product_name : Cisco NX-OS System Software in ACI Mode (string)

}

]

}

vendor_name : Cisco (string)

}

]

}

exploit : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

data_type : CVE (string)

references : { »

reference_data : [ »

0 : { »

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

name : 20210825 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

refsource : CISCO (string)

}

]

}

data_format : MITRE (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : CWE-345 (string)

}

]

}

]

}

data_version : 4.0 (string)

CVE_data_meta : { »

ID : CVE-2021-1586 (string)

STATE : PUBLIC (string)

TITLE : Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (string)

ASSIGNER : psirt@cisco.com (string)

DATE_PUBLIC : 2021-08-25T16:00:00 (string)

}

cveMetadata : { »

cveId : CVE-2021-1586 (string)

state : PUBLISHED (string)

dateUpdated : 2024-11-07T22:02:32.217Z (string)

dateReserved : 2020-11-13T00:00:00 (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

datePublished : 2021-08-25T19:10:59.639835Z (string)

assignerShortName : cisco (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:15.0\\(2e\\):*:*:*:*:*:*:*", "matchCriteriaId": "11E2E40A-CCD5-4CA7-826E-10923BED72E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:15.1\\(1h\\):*:*:*:*:*:*:*", "matchCriteriaId": "C78C9E79-C6DC-4FE3-8B79-A9BEBED9A67D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition."}, {"lang": "es", "value": "Una vulnerabilidad en las configuraciones de red Multi-Pod o Multi-Site para Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podr\u00eda permitir a un atacante remoto no autenticado reiniciar inesperadamente el dispositivo, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se presenta porque el tr\u00e1fico TCP enviado a un puerto espec\u00edfico en un dispositivo afectado no se sanea apropiadamente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de datos TCP dise\u00f1ados a un puerto espec\u00edfico que est\u00e1 escuchando en una direcci\u00f3n IP p\u00fablica para la configuraci\u00f3n de Multi-Pod o Multi-Site. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo se reinicie inesperadamente, resultando en una condici\u00f3n de DoS."}], "id": "CVE-2021-1586", "lastModified": "2024-11-21T05:44:40.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-08-25T20:15:11.237", "references": [{"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-345"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-345"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.0\(2e\):*:*:*:*:*:*:* (string)

matchCriteriaId : 11E2E40A-CCD5-4CA7-826E-10923BED72E8 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:cisco:nx-os:15.1\(1h\):*:*:*:*:*:*:* (string)

matchCriteriaId : C78C9E79-C6DC-4FE3-8B79-A9BEBED9A67D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 0CD9C1F1-8582-4F67-A77D-97CBFECB88B8 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4283E433-7F8C-4410-B565-471415445811 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F80AB6FB-32FD-43D7-A9F1-80FA47696210 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D5B2E4C1-2627-4B9D-8E92-4B483F647651 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 557ED31C-C26A-4FAE-8B14-D06B49F7F08B (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 11411BFD-3F4D-4309-AB35-A3629A360FB0 (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E663DE91-C86D-48DC-B771-FA72A8DF7A7C (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A90184B3-C82F-4CE5-B2AD-97D5E4690871 (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 40E40F42-632A-47DF-BE33-DC25B826310B (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901 (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BBEF7F26-BB47-44BD-872E-130820557C23 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 07DE6F63-2C7D-415B-8C34-01EC05C062F3 (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F423E45D-A6DD-4305-9C6A-EAB26293E53A (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 102F91CD-DFB6-43D4-AE5B-DA157A696230 (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E952A96A-0F48-4357-B7DD-1127D8827650 (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F70D81F1-8B12-4474-9060-B4934D8A3873 (string)

vulnerable : false (boolean)

}

17 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 5394DE31-3863-4CA9-B7B1-E5227183100D (string)

vulnerable : false (boolean)

}

18 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7349D69B-D8FA-4462-AA28-69DD18A652D9 (string)

vulnerable : false (boolean)

}

19 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : FE4BB834-2C00-4384-A78E-AF3BCDDC58AF (string)

vulnerable : false (boolean)

}

20 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F (string)

vulnerable : false (boolean)

}

21 : { »

criteria : cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CE49B45-F2E9-491D-9C29-1B46E9CE14E2 (string)

vulnerable : false (boolean)

}

22 : { »

criteria : cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26 (string)

vulnerable : false (boolean)

}

23 : { »

criteria : cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 91231DC6-2773-4238-8C14-A346F213B5E5 (string)

vulnerable : false (boolean)

}

24 : { »

criteria : cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2DF88547-BAF4-47B0-9F60-80A30297FCEB (string)

vulnerable : false (boolean)

}

25 : { »

criteria : cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 113772B6-E9D2-4094-9468-3F4E1A87D07D (string)

vulnerable : false (boolean)

}

26 : { »

criteria : cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C45A38D6-BED6-4FEF-AD87-A1E813695DE0 (string)

vulnerable : false (boolean)

}

27 : { »

criteria : cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F1FC2B1F-232E-4754-8076-CC82F3648730 (string)

vulnerable : false (boolean)

}

28 : { »

criteria : cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC (string)

vulnerable : false (boolean)

}

29 : { »

criteria : cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9 (string)

vulnerable : false (boolean)

}

30 : { »

criteria : cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2CF467E2-4567-426E-8F48-39669E0F514C (string)

vulnerable : false (boolean)

}

31 : { »

criteria : cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 63842B25-8C32-4988-BBBD-61E9CB09B4F3 (string)

vulnerable : false (boolean)

}

32 : { »

criteria : cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 68EA1FEF-B6B6-49FE-A0A4-5387F76303F8 (string)

vulnerable : false (boolean)

}

33 : { »

criteria : cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4364ADB9-8162-451D-806A-B98924E6B2CF (string)

vulnerable : false (boolean)

}

34 : { »

criteria : cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B53BCB42-ED61-4FCF-8068-CB467631C63C (string)

vulnerable : false (boolean)

}

35 : { »

criteria : cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 49E0371B-FDE2-473C-AA59-47E1269D050F (string)

vulnerable : false (boolean)

}

36 : { »

criteria : cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 489D11EC-5A18-4F32-BC7C-AC1FCEC27222 (string)

vulnerable : false (boolean)

}

37 : { »

criteria : cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1BC5293E-F2B4-46DC-85DA-167EA323FCFD (string)

vulnerable : false (boolean)

}

38 : { »

criteria : cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EA022E77-6557-4A33-9A3A-D028E2DB669A (string)

vulnerable : false (boolean)

}

39 : { »

criteria : cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:* (string)

matchCriteriaId : DDC2F709-AFBE-48EA-A3A2-DA1134534FB6 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad en las configuraciones de red Multi-Pod o Multi-Site para Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podría permitir a un atacante remoto no autenticado reiniciar inesperadamente el dispositivo, resultando en una condición de denegación de servicio (DoS). Esta vulnerabilidad se presenta porque el tráfico TCP enviado a un puerto específico en un dispositivo afectado no se sanea apropiadamente. Un atacante podría explotar esta vulnerabilidad mediante el envío de datos TCP diseñados a un puerto específico que está escuchando en una dirección IP pública para la configuración de Multi-Pod o Multi-Site. Una explotación con éxito podría permitir al atacante causar que el dispositivo se reinicie inesperadamente, resultando en una condición de DoS. (string)

}

]

id : CVE-2021-1586 (string)

lastModified : 2024-11-21T05:44:40.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 8.6 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 4 (number)

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 8.6 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 4 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2021-08-25T20:15:11.237 (string)

references : [ »

0 : { »

source : ykramarz@cisco.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM (string)

}

]

sourceIdentifier : ykramarz@cisco.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-345 (string)

}

]

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-345 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object