8.6
CVE-2021-1565
- EPSS 0.3%
- Published 23.09.2021 03:15:11
- Last modified 21.11.2024 05:44:38
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit the vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Embedded Wireless Controller
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9400 Version-
Cisco ≫ Catalyst 9400 Supervisor Engine-1 Version-
Cisco ≫ Catalyst 9407r Version-
Cisco ≫ Catalyst 9410r Version-
Cisco ≫ Catalyst 9500 Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9400 Version-
Cisco ≫ Catalyst 9400 Supervisor Engine-1 Version-
Cisco ≫ Catalyst 9407r Version-
Cisco ≫ Catalyst 9410r Version-
Cisco ≫ Catalyst 9500 Version-
Cisco ≫ Catalyst 9800 Firmware Version17.3
Cisco ≫ Catalyst 9800-40 Version-
Cisco ≫ Catalyst 9800-80 Version-
Cisco ≫ Catalyst 9800-cl Version-
Cisco ≫ Catalyst 9800-l Version-
Cisco ≫ Catalyst 9800-l-c Version-
Cisco ≫ Catalyst 9800-l-f Version-
Cisco ≫ Catalyst 9800-80 Version-
Cisco ≫ Catalyst 9800-cl Version-
Cisco ≫ Catalyst 9800-l Version-
Cisco ≫ Catalyst 9800-l-c Version-
Cisco ≫ Catalyst 9800-l-f Version-
Cisco ≫ Catalyst 9800 Firmware Version17.5.1
Cisco ≫ Catalyst 9800-40 Version-
Cisco ≫ Catalyst 9800-80 Version-
Cisco ≫ Catalyst 9800-cl Version-
Cisco ≫ Catalyst 9800-l Version-
Cisco ≫ Catalyst 9800-l-c Version-
Cisco ≫ Catalyst 9800-l-f Version-
Cisco ≫ Catalyst 9800-80 Version-
Cisco ≫ Catalyst 9800-cl Version-
Cisco ≫ Catalyst 9800-l Version-
Cisco ≫ Catalyst 9800-l-c Version-
Cisco ≫ Catalyst 9800-l-f Version-
Cisco ≫ Catalyst 9800 Firmware Version17.3
Cisco ≫ Catalyst 9800 Firmware Version17.5.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.527 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.6 | 3.9 | 4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| psirt@cisco.com | 8.6 | 3.9 | 4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
CWE-415 Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.