Main Vulnerability Database Vulnerabilities #VU51769

Improper Check for Unusual or Exceptional Conditions in Cisco Systems, Inc products - CVE-2021-1446

Published: March 29, 2021

Vulnerability identifier: #VU51769

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2021-1446

CWE-ID: CWE-754

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Cisco Systems, Inc

Affected software:
Cisco IOS XE
Cisco ASR 1000 Series Aggregation Services Routers
Cloud Services Router 1000V Series
4000 Series Integrated Services Routers
Cisco 1000 Series Integrated Services Routers

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a logic error that occurs when an affected device inspects certain DNS packets. A remote attacker can send specially crafted DNS packets and cause denial of service condition.

How to mitigate CVE-2021-1446

Install update from vendor's website.

Sources

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-alg-dos-hbBS7SZE

Improper Check for Unusual or Exceptional Conditions in Cisco Systems, Inc products - CVE-2021-1446

Detailed vulnerability description

How to mitigate CVE-2021-1446

Sources

Please verify you're human