8.6

CVE-2021-1624

A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to mishandling of the rate limiting feature within the QuantumFlow Processor. An attacker could exploit this vulnerability by sending large amounts of traffic that would be subject to NAT and rate limiting through an affected device. A successful exploit could allow the attacker to cause the QuantumFlow Processor utilization to reach 100 percent on the affected device, resulting in a DoS condition.

Data is provided by the National Vulnerability Database (NVD)
CiscoIos Xe Version <= 17.3.3
   CiscoAsr 1000 Version-
   CiscoAsr 1000-esp100 Version-
   CiscoAsr 1000-x Version-
   CiscoAsr 1001 Version-
   CiscoAsr 1001-hx Version-
   CiscoAsr 1001-hx R Version-
   CiscoAsr 1001-x Version-
   CiscoAsr 1001-x R Version-
   CiscoAsr 1002 Version-
   CiscoAsr 1002-hx Version-
   CiscoAsr 1002-hx R Version-
   CiscoAsr 1002-x Version-
   CiscoAsr 1002-x R Version-
   CiscoAsr 1004 Version-
   CiscoAsr 1006 Version-
   CiscoAsr 1006-x Version-
   CiscoAsr 1009-x Version-
   CiscoAsr 1013 Version-
   CiscoAsr 1023 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.48% 0.643
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.6 3.9 4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
psirt@cisco.com 8.6 3.9 4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H