Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

CVE-2021-1619

A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.

SeverityCRITICAL
CVSS9.8
CWECWE-824
KEV
Published
Modified

Related Products

Product Advisory Evidence
Cisco IOS cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco Integrated Services Virtual Router cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco 4000 Series Integrated Services Routers cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco 1000 Series Integrated Services Routers cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco Cloud Services Router 1000V Series cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco 1100 Series Industrial Integrated Services Routers cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco IOS XE Software cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco IOS XE Catalyst SD-WAN cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco ASR 1000 Series Aggregation Services Routers cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln
Cisco Catalyst 9600 Series Switches cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln · software-dependent
Cisco Catalyst 9500 Series Switches cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln · software-dependent
Cisco Catalyst 9400 Series Switches cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln · software-dependent
Cisco Catalyst 9200 Series Switches cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln · software-dependent
Cisco Catalyst 9300 Series Switches cisco-sa-aaa-Yx47ZT8Q Cisco OpenVuln · software-dependent