Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-1590

A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 5.3, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts and limited availability for affected systems. Impacting 103 products from cisco, from cisco, from cisco and 100 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2021, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2021-08-25T20:15:11.657

Last Modified

2024-11-21T05:44:41.597

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-787
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	nx-os	7.0\(3\)i4\(0.116\)	Yes
Operating System	cisco	nx-os	7.3\(7\)n1\(1b\)	Yes
Hardware	cisco	nexus_3000	-	No
Hardware	cisco	nexus_3048	-	No
Hardware	cisco	nexus_31108pc-v	-	No
Hardware	cisco	nexus_31108tc-v	-	No
Hardware	cisco	nexus_31128pq	-	No
Hardware	cisco	nexus_3132c-z	-	No
Hardware	cisco	nexus_3132q-v	-	No
Hardware	cisco	nexus_3132q-x\/3132q-xl	-	No
Hardware	cisco	nexus_3164q	-	No
Hardware	cisco	nexus_3172pq\/pq-xl	-	No
Hardware	cisco	nexus_3172tq-xl	-	No
Hardware	cisco	nexus_3232c	-	No
Hardware	cisco	nexus_3264c-e	-	No
Hardware	cisco	nexus_3264q	-	No
Hardware	cisco	nexus_3408-s	-	No
Hardware	cisco	nexus_34180yc	-	No
Hardware	cisco	nexus_3432d-s	-	No
Hardware	cisco	nexus_3464c	-	No
Hardware	cisco	nexus_3524-x\/xl	-	No
Hardware	cisco	nexus_3548-x\/xl	-	No
Hardware	cisco	nexus_36180yc-r	-	No
Hardware	cisco	nexus_3636c-r	-	No
Hardware	cisco	nexus_5548p	-	No
Hardware	cisco	nexus_5548up	-	No
Hardware	cisco	nexus_5596t	-	No
Hardware	cisco	nexus_5596up	-	No
Hardware	cisco	nexus_56128p	-	No
Hardware	cisco	nexus_5624q	-	No
Hardware	cisco	nexus_5648q	-	No
Hardware	cisco	nexus_5672up	-	No
Hardware	cisco	nexus_5672up-16g	-	No
Hardware	cisco	nexus_5696q	-	No
Hardware	cisco	nexus_6001	-	No
Hardware	cisco	nexus_6004	-	No
Hardware	cisco	nexus_7000_10-slot	-	No
Hardware	cisco	nexus_7000_18-slot	-	No
Hardware	cisco	nexus_7000_4-slot	-	No
Hardware	cisco	nexus_7000_9-slot	-	No
Hardware	cisco	nexus_7000_supervisor_1	-	No
Hardware	cisco	nexus_7000_supervisor_2	-	No
Hardware	cisco	nexus_7000_supervisor_2e	-	No
Hardware	cisco	nexus_7004	-	No
Hardware	cisco	nexus_7009	-	No
Hardware	cisco	nexus_7010	-	No
Hardware	cisco	nexus_7018	-	No
Hardware	cisco	nexus_7700	-	No
Hardware	cisco	nexus_7700_10-slot	-	No
Hardware	cisco	nexus_7700_18-slot	-	No
Hardware	cisco	nexus_7700_2-slot	-	No
Hardware	cisco	nexus_7700_6-slot	-	No
Hardware	cisco	nexus_7700_supervisor_2e	-	No
Hardware	cisco	nexus_7700_supervisor_3e	-	No
Hardware	cisco	nexus_7702	-	No
Hardware	cisco	nexus_7706	-	No
Hardware	cisco	nexus_7710	-	No
Hardware	cisco	nexus_7718	-	No
Hardware	cisco	nexus_9000v	-	No
Hardware	cisco	nexus_92160yc-x	-	No
Hardware	cisco	nexus_92300yc	-	No
Hardware	cisco	nexus_92304qc	-	No
Hardware	cisco	nexus_92348gc-x	-	No
Hardware	cisco	nexus_9236c	-	No
Hardware	cisco	nexus_9272q	-	No
Hardware	cisco	nexus_93108tc-ex	-	No
Hardware	cisco	nexus_93108tc-ex-24	-	No
Hardware	cisco	nexus_93108tc-fx	-	No
Hardware	cisco	nexus_93108tc-fx-24	-	No
Hardware	cisco	nexus_93108tc-fx3p	-	No
Hardware	cisco	nexus_93120tx	-	No
Hardware	cisco	nexus_93128tx	-	No
Hardware	cisco	nexus_9316d-gx	-	No
Hardware	cisco	nexus_93180lc-ex	-	No
Hardware	cisco	nexus_93180yc-ex	-	No
Hardware	cisco	nexus_93180yc-ex-24	-	No
Hardware	cisco	nexus_93180yc-fx	-	No
Hardware	cisco	nexus_93180yc-fx-24	-	No
Hardware	cisco	nexus_93180yc-fx3	-	No
Hardware	cisco	nexus_93180yc-fx3s	-	No
Hardware	cisco	nexus_93216tc-fx2	-	No
Hardware	cisco	nexus_93240yc-fx2	-	No
Hardware	cisco	nexus_9332c	-	No
Hardware	cisco	nexus_9332pq	-	No
Hardware	cisco	nexus_93360yc-fx2	-	No
Hardware	cisco	nexus_9336c-fx2	-	No
Hardware	cisco	nexus_9336c-fx2-e	-	No
Hardware	cisco	nexus_9348gc-fxp	-	No
Hardware	cisco	nexus_93600cd-gx	-	No
Hardware	cisco	nexus_9364c	-	No
Hardware	cisco	nexus_9364c-gx	-	No
Hardware	cisco	nexus_9372px	-	No
Hardware	cisco	nexus_9372px-e	-	No
Hardware	cisco	nexus_9372tx	-	No
Hardware	cisco	nexus_9372tx-e	-	No
Hardware	cisco	nexus_9396px	-	No
Hardware	cisco	nexus_9396tx	-	No
Hardware	cisco	nexus_9508	-	No
Operating System	cisco	unified_computing_system	< 4.0\(4m\)	Yes
Operating System	cisco	unified_computing_system	< 4.1\(3d\)	Yes
Hardware	cisco	unified_computing_system_6248up	-	No
Hardware	cisco	unified_computing_system_6296up	-	No
Hardware	cisco	unified_computing_system_6324	-	No
Hardware	cisco	unified_computing_system_6332	-	No
Hardware	cisco	unified_computing_system_6332-16up	-	No

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu Patch, Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For cisco's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.