8.6

CVE-2021-1587

A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default.

Data is provided by the National Vulnerability Database (NVD)
CiscoNx-os Version-
   CiscoNexus 3000 Version-
   CiscoNexus 3048 Version-
   CiscoNexus 31108pc-v Version-
   CiscoNexus 31108tc-v Version-
   CiscoNexus 31128pq Version-
   CiscoNexus 3132c-z Version-
   CiscoNexus 3132q-v Version-
   CiscoNexus 3132q-x/3132q-xl Version-
   CiscoNexus 3164q Version-
   CiscoNexus 3172pq/pq-xl Version-
   CiscoNexus 3172tq-xl Version-
   CiscoNexus 3232c Version-
   CiscoNexus 3264c-e Version-
   CiscoNexus 3264q Version-
   CiscoNexus 3408-s Version-
   CiscoNexus 34180yc Version-
   CiscoNexus 3432d-s Version-
   CiscoNexus 3464c Version-
   CiscoNexus 3524-x/xl Version-
   CiscoNexus 3548-x/xl Version-
   CiscoNexus 36180yc-r Version-
   CiscoNexus 3636c-r Version-
   CiscoNexus 9000v Version-
   CiscoNexus 92160yc-x Version-
   CiscoNexus 92300yc Version-
   CiscoNexus 92304qc Version-
   CiscoNexus 92348gc-x Version-
   CiscoNexus 9236c Version-
   CiscoNexus 9272q Version-
   CiscoNexus 93108tc-ex Version-
   CiscoNexus 93108tc-ex-24 Version-
   CiscoNexus 93108tc-fx Version-
   CiscoNexus 93108tc-fx-24 Version-
   CiscoNexus 93108tc-fx3p Version-
   CiscoNexus 93120tx Version-
   CiscoNexus 93128tx Version-
   CiscoNexus 9316d-gx Version-
   CiscoNexus 93180lc-ex Version-
   CiscoNexus 93180yc-ex Version-
   CiscoNexus 93180yc-ex-24 Version-
   CiscoNexus 93180yc-fx Version-
   CiscoNexus 93180yc-fx-24 Version-
   CiscoNexus 93180yc-fx3 Version-
   CiscoNexus 93180yc-fx3s Version-
   CiscoNexus 93216tc-fx2 Version-
   CiscoNexus 93240yc-fx2 Version-
   CiscoNexus 9332c Version-
   CiscoNexus 9332pq Version-
   CiscoNexus 93360yc-fx2 Version-
   CiscoNexus 9336c-fx2 Version-
   CiscoNexus 9336c-fx2-e Version-
   CiscoNexus 9348gc-fxp Version-
   CiscoNexus 93600cd-gx Version-
   CiscoNexus 9364c Version-
   CiscoNexus 9364c-gx Version-
   CiscoNexus 9372px Version-
   CiscoNexus 9372px-e Version-
   CiscoNexus 9372tx Version-
   CiscoNexus 9372tx-e Version-
   CiscoNexus 9396px Version-
   CiscoNexus 9396tx Version-
   CiscoNexus 9508 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.35% 0.543
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.6 3.9 4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
psirt@cisco.com 8.6 3.9 4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CWE-115 Misinterpretation of Input

The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.

CWE-436 Interpretation Conflict

Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.