10

CVE-2021-34727

EPSS 1%
Veröffentlicht 23.09.2021 03:15:19
Zuletzt bearbeitet 21.11.2024 06:11:03
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Xe Sd-wan Version-

   Cisco ≫ 1000 Integrated Services Router Version-
   Cisco ≫ 1100-4g/6g Integrated Services Router Version-
   Cisco ≫ 1100-4p Integrated Services Router Version-
   Cisco ≫ 1100-8p Integrated Services Router Version-
   Cisco ≫ 1100 Integrated Services Router Version-
   Cisco ≫ 1101-4p Integrated Services Router Version-
   Cisco ≫ 1101 Integrated Services Router Version-
   Cisco ≫ 1109-2p Integrated Services Router Version-
   Cisco ≫ 1109-4p Integrated Services Router Version-
   Cisco ≫ 1109 Integrated Services Router Version-
   Cisco ≫ 1111x-8p Integrated Services Router Version-
   Cisco ≫ 1111x Integrated Services Router Version-
   Cisco ≫ 111x Integrated Services Router Version-
   Cisco ≫ 1120 Integrated Services Router Version-
   Cisco ≫ 1160 Integrated Services Router Version-
   Cisco ≫ 4000 Integrated Services Router Version-
   Cisco ≫ 422 Integrated Services Router Version-
   Cisco ≫ 4221 Integrated Services Router Version-
   Cisco ≫ 4321 Integrated Services Router Version-
   Cisco ≫ 4331 Integrated Services Router Version-
   Cisco ≫ 4351 Integrated Services Router Version-
   Cisco ≫ 4431 Integrated Services Router Version-
   Cisco ≫ 4451-x Integrated Services Router Version-
   Cisco ≫ 4451 Integrated Services Router Version-
   Cisco ≫ 4461 Integrated Services Router Version-
   Cisco ≫ Asr 1000 Version-
   Cisco ≫ Asr 1000-esp100 Version-
   Cisco ≫ Asr 1000-x Version-
   Cisco ≫ Asr 1000 Series Version-
   Cisco ≫ Asr 1000 Series Route Processor (rp2) Version-
   Cisco ≫ Asr 1000 Series Route Processor (rp3) Version-
   Cisco ≫ Asr 1001 Version-
   Cisco ≫ Asr 1001-hx Version-
   Cisco ≫ Asr 1001-hx R Version-
   Cisco ≫ Asr 1001-x Version-
   Cisco ≫ Asr 1001-x R Version-
   Cisco ≫ Asr 1002 Version-
   Cisco ≫ Asr 1002-hx Version-
   Cisco ≫ Asr 1002-hx R Version-
   Cisco ≫ Asr 1002-x Version-
   Cisco ≫ Asr 1002-x R Version-
   Cisco ≫ Asr 1004 Version-
   Cisco ≫ Asr 1006 Version-
   Cisco ≫ Asr 1006-x Version-
   Cisco ≫ Asr 1009-x Version-
   Cisco ≫ Asr 1013 Version-
   Cisco ≫ Asr 1023 Version-
   Cisco ≫ Csr 1000v Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1%	0.749

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
psirt@cisco.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-34727

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-34727

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-34727

EUVD