CVE-2021-1586
Summary
| CVE | CVE-2021-1586 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-08-25 20:15:00 UTC |
| Updated | 2023-11-07 03:28:00 UTC |
| Description | A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition. |
Risk And Classification
Problem Types: CWE-345
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Nexus 9000v | - | All | All | All |
| Hardware | Cisco | Nexus 92160yc-x | - | All | All | All |
| Hardware | Cisco | Nexus 92300yc | - | All | All | All |
| Hardware | Cisco | Nexus 92304qc | - | All | All | All |
| Hardware | Cisco | Nexus 92348gc-x | - | All | All | All |
| Hardware | Cisco | Nexus 9236c | - | All | All | All |
| Hardware | Cisco | Nexus 9272q | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-ex | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-ex-24 | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-fx | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-fx-24 | - | All | All | All |
| Hardware | Cisco | Nexus 93108tc-fx3p | - | All | All | All |
| Hardware | Cisco | Nexus 93120tx | - | All | All | All |
| Hardware | Cisco | Nexus 93128tx | - | All | All | All |
| Hardware | Cisco | Nexus 9316d-gx | - | All | All | All |
| Hardware | Cisco | Nexus 93180lc-ex | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-ex | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-ex-24 | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-fx | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-fx-24 | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-fx3 | - | All | All | All |
| Hardware | Cisco | Nexus 93180yc-fx3s | - | All | All | All |
| Hardware | Cisco | Nexus 93216tc-fx2 | - | All | All | All |
| Hardware | Cisco | Nexus 93240yc-fx2 | - | All | All | All |
| Hardware | Cisco | Nexus 9332c | - | All | All | All |
| Hardware | Cisco | Nexus 9332pq | - | All | All | All |
| Hardware | Cisco | Nexus 93360yc-fx2 | - | All | All | All |
| Hardware | Cisco | Nexus 9336c-fx2 | - | All | All | All |
| Hardware | Cisco | Nexus 9336c-fx2-e | - | All | All | All |
| Hardware | Cisco | Nexus 9348gc-fxp | - | All | All | All |
| Hardware | Cisco | Nexus 93600cd-gx | - | All | All | All |
| Hardware | Cisco | Nexus 9364c | - | All | All | All |
| Hardware | Cisco | Nexus 9364c-gx | - | All | All | All |
| Hardware | Cisco | Nexus 9372px | - | All | All | All |
| Hardware | Cisco | Nexus 9372px-e | - | All | All | All |
| Hardware | Cisco | Nexus 9372tx | - | All | All | All |
| Hardware | Cisco | Nexus 9372tx-e | - | All | All | All |
| Hardware | Cisco | Nexus 9396px | - | All | All | All |
| Hardware | Cisco | Nexus 9396tx | - | All | All | All |
| Hardware | Cisco | Nexus 9508 | - | All | All | All |
| Operating System | Cisco | Nx-os | 15.0\(2e\) | All | All | All |
| Operating System | Cisco | Nx-os | 15.1\(1h\) | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability | CISCO | tools.cisco.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 317020 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability (cisco-sa-n9kaci-tcp-dos-YXukt6gM)