CVE-2021-1521

EPSS 0.1%
Published 06.05.2021 13:15:11
Last modified 21.11.2024 05:44:32
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. This vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected IP camera. A successful exploit could allow the attacker to cause the affected IP camera to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Affected products Warnungen 0 Metrics 4 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Video Surveillance 8400 Firmware Version < 1.0.9-11

Cisco ≫ Video Surveillance 8400 Version-

Cisco ≫ Video Surveillance 8000p Firmware Version < 1.0.9-11

Cisco ≫ Video Surveillance 8000p Version-

Cisco ≫ Video Surveillance 8020 Firmware Version < 1.0.9-11

Cisco ≫ Video Surveillance 8020 Version-

Cisco ≫ Video Surveillance 8030 Firmware Version < 1.0.9-11

Cisco ≫ Video Surveillance 8030 Version-

Cisco ≫ Video Surveillance 8070 Firmware Version < 1.0.9-11

Cisco ≫ Video Surveillance 8070 Version-

Cisco ≫ Video Surveillance 8620 Firmware Version < 1.0.9-11

Cisco ≫ Video Surveillance 8620 Version-

Cisco ≫ Video Surveillance 8630 Firmware Version < 1.0.9-11

Cisco ≫ Video Surveillance 8630 Version-

Cisco ≫ Video Surveillance 8930 Firmware Version < 1.0.9-11

Cisco ≫ Video Surveillance 8930 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.1%	0.249

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	6.1	6.5	6.9	AV:A/AC:L/Au:N/C:N/I:N/A:C
psirt@cisco.com	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcameras-dos-fc3F6LzT

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-1521

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-1521

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-1521

EUVD