CVSS: 5.3EPSS: 0%CPEs: 105EXPL: 0CVE-2021-1590 – Cisco NX-OS Software system login block-for Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1590
A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device. Una vulnerabilidad en la implementación del comando system login block-for para el Software Cisco NX-OS, podría permitir a un atacante remoto no autenticado causar que un proceso de inicio de sesión se reinicie inesperadamente, causando una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu • CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 69EXPL: 0CVE-2021-1588 – Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1588
A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Una vulnerabilidad en la funcionalidad Operation, Administration, and Maintenance (OAM) de MPLS del Software Cisco NX-OS, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.6EPSS: 0%CPEs: 63EXPL: 0CVE-2021-1587 – Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1587
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv • CWE-115: Misinterpretation of Input CWE-436: Interpretation Conflict •
CVSS: 8.6EPSS: 0%CPEs: 42EXPL: 0CVE-2021-1586 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1586
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. This vulnerability exists because TCP traffic sent to a specific port on an affected device is not properly sanitized. An attacker could exploit this vulnerability by sending crafted TCP data to a specific port that is listening on a public-facing IP address for the Multi-Pod or Multi-Site configuration. A successful exploit could allow the attacker to cause the device to restart unexpectedly, resulting in a DoS condition. Una vulnerabilidad en las configuraciones de red Multi-Pod o Multi-Site para Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podría permitir a un atacante remoto no autenticado reiniciar inesperadamente el dispositivo, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.2EPSS: 0%CPEs: 42EXPL: 0CVE-2021-1584 – Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1584
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root. Una vulnerabilidad en Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podría permitir a un atacante local autenticado elevar los privilegios en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-mdvul-vrKVgNU • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •