CVE-2021-1590

A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device.

Severity	MEDIUM
CVSS	5.3
CWE	CWE-787
KEV
Published	4 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco Nexus Dashboard	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco MDS 9000 Family of Multilayer Switches	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco Firepower Extensible Operating System (FXOS)	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco Catalyst PON Series Switches	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco Unified Computing System (Managed)	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco Nexus 7000 Series Switches	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco Nexus 6000 Series Switches	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco Nexus 5000 Series Switches	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco NX-OS Software	cisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco MDS 9000 Multilayer Directors and Fabric Switches	cisco-sa-nxos-login-blockfor-RwjGVEcu