CVE-2021-1622

A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:7600_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:cbr-8:-:*:*:*:*:*:*:*

Information

Published : 2021-09-22 20:15

Updated : 2021-11-23 05:10


NVD link : CVE-2021-1622

Mitre link : CVE-2021-1622


JSON object : View

CWE
CWE-667

Improper Locking

Advertisement

dedicated server usa

Products Affected

cisco

  • asr_901-6cz-ft-d
  • cbr-8
  • asr_901-6cz-ft-a
  • 7600_router
  • asr_901-6cz-f-d
  • ios_xe
  • asr_901-6cz-fs-d
  • asr_901-4c-ft-d
  • asr_901-12c-ft-d
  • asr_901-6cz-f-a
  • asr_901-12c-f-d
  • asr_901-6cz-fs-a
  • asr_901-4c-f-d