Protection Mechanism Failure in Cisco IOS XE - CVE-2021-1616

 


Published: September 24, 2021


Vulnerability identifier: #VU56860
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2021-1616
CWE-ID: CWE-693
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Cisco IOS XE
Software vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature. A remote attacker can send specially crafted traffic, bypass the ALG and open connections that should not be allowed to a remote device located behind the ALG.


Remediation

Install updates from the vendor's website.

External links