Vulnslist

find the latest Cisco vulnerabilities

Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability

cisco-sa-nxos-pim-dos-Y8SjMz4 · Medium · Published · Updated

A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted PIM packet to an affected device. A successful exploit could allow the attacker to cause a traffic loop, resulting in a DoS condition.  Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2021-1367
Cisco Bug IDsCSCvv98438
CVSS ScoreBase 4.3
Base 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:X
Product Names From Source
Cisco NX-OS Software 7.0(3)F3(1), Cisco NX-OS Software 7.0(3)F3(3), Cisco NX-OS Software 7.0(3)F3(3a), Cisco NX-OS Software 7.0(3)F3(4), Cisco NX-OS Software 7.0(3)F3(3c), Cisco NX-OS Software 7.0(3)F3(5), Cisco NX-OS Software 9.2(1), Cisco NX-OS Software 9.2(2), Cisco NX-OS Software 9.2(3), Cisco NX-OS Software 9.2(3y), Cisco NX-OS Software 9.2(4), Cisco NX-OS Software 9.3(1), Cisco NX-OS Software 9.3(2), Cisco NX-OS Software 9.3(3), Cisco NX-OS Software 9.3(1z), Cisco NX-OS Software 9.3(4), Cisco NX-OS Software 9.3(5), Cisco NX-OS Software 9.3(5w), Cisco NX-OS Software, Cisco Nexus 9000 Series Switches

Related Products

Product CVE Evidence
Cisco NX-OS Software CVE-2021-1367 Cisco OpenVuln
Cisco Nexus 9000 Series Switches CVE-2021-1367 Cisco OpenVuln