Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-1368

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.

Published

2021-02-24T20:15:13.473

Last Modified

2024-11-21T05:44:11.723

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

CVSSv2 Vector

AV:A/AC:M/Au:S/C:P/I:P/A:P

  • Access Vector: ADJACENT_NETWORK
  • Access Complexity: MEDIUM
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

4.4

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-787
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System cisco nx-os 8.4\(3.108\) Yes
Operating System cisco nx-os 8.4\(3.117\) Yes
Hardware cisco mds_9148s - No
Hardware cisco mds_9250i - No
Hardware cisco mds_9706 - No
Hardware cisco mds_9710 - No
Hardware cisco nexus_7000 - No
Hardware cisco nexus_7700 - No
Operating System cisco nx-os 7.0\(3\)i5\(2\) Yes
Operating System cisco nx-os 7.0\(3\)i7\(9\) Yes
Operating System cisco nx-os 9.3\(5\) Yes
Hardware cisco nexus_3048 - No
Hardware cisco nexus_31108pv-v - No
Hardware cisco nexus_31108tc-v - No
Hardware cisco nexus_31128pq - No
Hardware cisco nexus_3132c-z - No
Hardware cisco nexus_3132q-v - No
Hardware cisco nexus_3132q-x - No
Hardware cisco nexus_3132q-xl - No
Hardware cisco nexus_3164q - No
Hardware cisco nexus_3172pq - No
Hardware cisco nexus_3172pq-xl - No
Hardware cisco nexus_3232c - No
Hardware cisco nexus_3264c-e - No
Hardware cisco nexus_3264q - No
Hardware cisco nexus_3408-s - No
Hardware cisco nexus_34180yc - No
Hardware cisco nexus_3432d-s - No
Hardware cisco nexus_3464c - No
Hardware cisco nexus_3524-x - No
Hardware cisco nexus_3524-xl - No
Hardware cisco nexus_3548-x - No
Hardware cisco nexus_3548-xl - No
Hardware cisco nexus_36180yc-r - No
Hardware cisco nexus_3636c-r - No
Hardware cisco nexus_9000v - No
Hardware cisco nexus_92160yc-x - No
Hardware cisco nexus_9221c - No
Hardware cisco nexus_92300yc - No
Hardware cisco nexus_92304qc - No
Hardware cisco nexus_92348gc-x - No
Hardware cisco nexus_9236c - No
Hardware cisco nexus_9272q - No
Hardware cisco nexus_93108tc-ex - No
Hardware cisco nexus_93108tc-ex-24 - No
Hardware cisco nexus_93108tc-fx - No
Hardware cisco nexus_93108tc-fx-24 - No
Hardware cisco nexus_93120tx - No
Hardware cisco nexus_93128tx - No
Hardware cisco nexus_9316d-gx - No
Hardware cisco nexus_93180lc-ex - No
Hardware cisco nexus_93180yc-ex - No
Hardware cisco nexus_93180yc-ex-24 - No
Hardware cisco nexus_93180yc-fx - No
Hardware cisco nexus_93180yc-fx-24 - No
Hardware cisco nexus_93180yc-fx3 - No
Hardware cisco nexus_93180yc-fx3s - No
Hardware cisco nexus_93216tc-fx2 - No
Hardware cisco nexus_93240yc-fx2 - No
Hardware cisco nexus_9332pq - No
Hardware cisco nexus_93360yc-fx2 - No
Hardware cisco nexus_9336c-fx2 - No
Hardware cisco nexus_9336c-fx2-e - No
Hardware cisco nexus_9336pq - No
Hardware cisco nexus_9348gc-fxp - No
Hardware cisco nexus_93600cd-gx - No
Hardware cisco nexus_9364c - No
Hardware cisco nexus_9364c-gx - No
Hardware cisco nexus_9372px - No
Hardware cisco nexus_9372px-e - No
Hardware cisco nexus_9372tx - No
Hardware cisco nexus_9372tx-e - No
Hardware cisco nexus_9396px - No
Hardware cisco nexus_9396tx - No
Hardware cisco nexus_9508 - No
Operating System cisco nx-os 7.3\(8\)n1\(1\) Yes
Operating System cisco nx-os 7.3\(9\)n1\(0.823\) Yes
Hardware cisco nexus_5548p - No
Hardware cisco nexus_5548up - No
Hardware cisco nexus_5596t - No
Hardware cisco nexus_5596up - No
Hardware cisco nexus_56128p - No
Hardware cisco nexus_5624q - No
Hardware cisco nexus_5648q - No
Hardware cisco nexus_5672up - No
Hardware cisco nexus_5672up-16g - No
Hardware cisco nexus_5696q - No
Hardware cisco nexus_6001 - No
Hardware cisco nexus_6004 - No
Application cisco unified_computing_system < 4.0\(4i\) Yes
Application cisco unified_computing_system < 4.1\(2c\) Yes
Hardware cisco ucs_6248up - No
Hardware cisco ucs_6296up - No
Hardware cisco ucs_6324 - No
Hardware cisco ucs_6332 - No
Hardware cisco ucs_6332-16up - No
Hardware cisco ucs_64108 - No
Hardware cisco ucs_6454 - No
Operating System cisco firepower_extensible_operating_system r231 Yes
Hardware cisco firepower_4110 - No
Hardware cisco firepower_4112 - No
Hardware cisco firepower_4115 - No
Hardware cisco firepower_4120 - No
Hardware cisco firepower_4125 - No
Hardware cisco firepower_4140 - No
Hardware cisco firepower_4145 - No
Hardware cisco firepower_4150 - No
Hardware cisco firepower_9300 - No
References