#VU57122 Allocation of Resources Without Limits or Throttling in Cisco Systems, Inc products - CVE-2021-34735
Published: October 7, 2021
Vulnerability identifier: #VU57122
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2021-34735
CWE-ID: CWE-770
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
ATA 190 Series Analog Telephone Adapters
ATA 191 Analog Telephone Adapter
ATA 192 Multiplatform Analog Telephone Adapter
ATA 191 Multiplatform Analog Telephone Adapter
ATA 190 Series Analog Telephone Adapters
ATA 191 Analog Telephone Adapter
ATA 192 Multiplatform Analog Telephone Adapter
ATA 191 Multiplatform Analog Telephone Adapter
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to lack of proper rate limiting of ICMP packets on the Ethernet interface. A remote attacker can pass specially crafted data and cause a denial of service condition on the target system.
Remediation
Install updates from vendor's website.