Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-1229

A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. This vulnerability is due to improper error handling when an IPv6-configured interface receives a specific type of ICMPv6 packet. An attacker could exploit this vulnerability by sending a sustained rate of crafted ICMPv6 packets to a local IPv6 address on a targeted device. A successful exploit could allow the attacker to cause a system memory leak in the ICMPv6 process on the device. As a result, the ICMPv6 process could run out of system memory and stop processing traffic. The device could then drop all ICMPv6 packets, causing traffic instability on the device. Restoring device functionality would require a device reboot.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 5.8, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts and limited availability for affected systems. Impacting 86 products from cisco, from cisco, from cisco and 83 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2021, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2021-02-24T20:15:12.707

Last Modified

2024-11-21T05:43:52.847

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

2.9

Weaknesses
  • Type: Secondary
    CWE-401
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System cisco nx-os 5.2\(1\)sv5\(1.3a\) Yes
Hardware cisco nexus_1000_virtual_edge_for_vmware_vsphere - No
Hardware cisco nexus_1000v_switch_for_microsoft_hyper-v - No
Hardware cisco nexus_1000v_switch_for_vmware_vsphere - No
Operating System cisco nx-os 8.4\(3.53\) Yes
Hardware cisco mds_9148s - No
Hardware cisco mds_9250i - No
Hardware cisco mds_9706 - No
Hardware cisco mds_9710 - No
Hardware cisco nexus_3048 - No
Hardware cisco nexus_31108pv-v - No
Hardware cisco nexus_31108tc-v - No
Hardware cisco nexus_31128pq - No
Hardware cisco nexus_3132c-z - No
Hardware cisco nexus_3132q-v - No
Hardware cisco nexus_3132q-x - No
Hardware cisco nexus_3132q-xl - No
Hardware cisco nexus_3164q - No
Hardware cisco nexus_3172pq - No
Hardware cisco nexus_3172pq-xl - No
Hardware cisco nexus_3232c - No
Hardware cisco nexus_3264c-e - No
Hardware cisco nexus_3264q - No
Hardware cisco nexus_3408-s - No
Hardware cisco nexus_34180yc - No
Hardware cisco nexus_3432d-s - No
Hardware cisco nexus_3464c - No
Hardware cisco nexus_3524-x - No
Hardware cisco nexus_3524-xl - No
Hardware cisco nexus_3548-x - No
Hardware cisco nexus_3548-xl - No
Hardware cisco nexus_36180yc-r - No
Hardware cisco nexus_3636c-r - No
Hardware cisco nexus_5548p - No
Hardware cisco nexus_5548up - No
Hardware cisco nexus_5596t - No
Hardware cisco nexus_5596up - No
Hardware cisco nexus_56128p - No
Hardware cisco nexus_5624q - No
Hardware cisco nexus_5648q - No
Hardware cisco nexus_5672up - No
Hardware cisco nexus_5672up-16g - No
Hardware cisco nexus_5696q - No
Hardware cisco nexus_6001 - No
Hardware cisco nexus_6004 - No
Hardware cisco nexus_7000 - No
Hardware cisco nexus_7700 - No
Hardware cisco nexus_9000v - No
Hardware cisco nexus_92160yc-x - No
Hardware cisco nexus_9221c - No
Hardware cisco nexus_92300yc - No
Hardware cisco nexus_92304qc - No
Hardware cisco nexus_92348gc-x - No
Hardware cisco nexus_9236c - No
Hardware cisco nexus_9272q - No
Hardware cisco nexus_93108tc-ex - No
Hardware cisco nexus_93108tc-ex-24 - No
Hardware cisco nexus_93108tc-fx - No
Hardware cisco nexus_93108tc-fx-24 - No
Hardware cisco nexus_93120tx - No
Hardware cisco nexus_93128tx - No
Hardware cisco nexus_9316d-gx - No
Hardware cisco nexus_93180lc-ex - No
Hardware cisco nexus_93180yc-ex - No
Hardware cisco nexus_93180yc-ex-24 - No
Hardware cisco nexus_93180yc-fx - No
Hardware cisco nexus_93180yc-fx-24 - No
Hardware cisco nexus_93180yc-fx3 - No
Hardware cisco nexus_93180yc-fx3s - No
Hardware cisco nexus_93216tc-fx2 - No
Hardware cisco nexus_93240yc-fx2 - No
Hardware cisco nexus_9332pq - No
Hardware cisco nexus_93360yc-fx2 - No
Hardware cisco nexus_9336c-fx2 - No
Hardware cisco nexus_9336c-fx2-e - No
Hardware cisco nexus_9336pq - No
Hardware cisco nexus_9348gc-fxp - No
Hardware cisco nexus_93600cd-gx - No
Hardware cisco nexus_9364c - No
Hardware cisco nexus_9364c-gx - No
Hardware cisco nexus_9372px - No
Hardware cisco nexus_9372px-e - No
Hardware cisco nexus_9372tx - No
Hardware cisco nexus_9372tx-e - No
Hardware cisco nexus_9396px - No
Hardware cisco nexus_9396tx - No
Hardware cisco nexus_9508 - No
Operating System cisco nx-os 15.1\(2.31\) Yes
Hardware cisco nexus_9000v - No
Hardware cisco nexus_92160yc-x - No
Hardware cisco nexus_9221c - No
Hardware cisco nexus_92300yc - No
Hardware cisco nexus_92304qc - No
Hardware cisco nexus_92348gc-x - No
Hardware cisco nexus_9236c - No
Hardware cisco nexus_9272q - No
Hardware cisco nexus_93108tc-ex - No
Hardware cisco nexus_93108tc-ex-24 - No
Hardware cisco nexus_93108tc-fx - No
Hardware cisco nexus_93108tc-fx-24 - No
Hardware cisco nexus_93120tx - No
Hardware cisco nexus_93128tx - No
Hardware cisco nexus_9316d-gx - No
Hardware cisco nexus_93180lc-ex - No
Hardware cisco nexus_93180yc-ex - No
Hardware cisco nexus_93180yc-ex-24 - No
Hardware cisco nexus_93180yc-fx - No
Hardware cisco nexus_93180yc-fx-24 - No
Hardware cisco nexus_93180yc-fx3 - No
Hardware cisco nexus_93180yc-fx3s - No
Hardware cisco nexus_93216tc-fx2 - No
Hardware cisco nexus_93240yc-fx2 - No
Hardware cisco nexus_9332pq - No
Hardware cisco nexus_93360yc-fx2 - No
Hardware cisco nexus_9336c-fx2 - No
Hardware cisco nexus_9336c-fx2-e - No
Hardware cisco nexus_9336pq - No
Hardware cisco nexus_9348gc-fxp - No
Hardware cisco nexus_93600cd-gx - No
Hardware cisco nexus_9364c - No
Hardware cisco nexus_9364c-gx - No
Hardware cisco nexus_9372px - No
Hardware cisco nexus_9372px-e - No
Hardware cisco nexus_9372tx - No
Hardware cisco nexus_9372tx-e - No
Hardware cisco nexus_9396px - No
Hardware cisco nexus_9396tx - No
Hardware cisco nexus_9508 - No
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For cisco's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.