CVE-2021-1592

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could exploit this vulnerability by opening a significant number of SSH sessions on an affected device. A successful exploit could allow the attacker to cause a crash and restart of internal Cisco UCS Manager software processes and a temporary loss of access to the Cisco UCS Manager CLI and web UI. Note: The attacker must have valid user credentials to authenticate to the affected device.

Severity	MEDIUM
CVSS	4.3
CWE	CWE-664
KEV
Published	4 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-ucs-ssh-dos-MgvmyrQy
Cisco Nexus Dashboard	cisco-sa-ucs-ssh-dos-MgvmyrQy
Cisco NX-OS Software	cisco-sa-ucs-ssh-dos-MgvmyrQy
Cisco Firepower Extensible Operating System (FXOS)	cisco-sa-ucs-ssh-dos-MgvmyrQy
Cisco Catalyst PON Series Switches	cisco-sa-ucs-ssh-dos-MgvmyrQy
Cisco Application Centric Infrastructure Virtual Edge	cisco-sa-ucs-ssh-dos-MgvmyrQy
Cisco Unified Computing System (Managed)	cisco-sa-ucs-ssh-dos-MgvmyrQy