CVE-2021-1523
Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device. A successful exploit could allow the attacker to cause a specific packet queue to queue network buffers but never process them, leading to an eventual queue wedge. This could cause control plane traffic to be dropped, resulting in a denial of service (DoS) condition where the leaf switches are unavailable. Note: This vulnerability requires a manual intervention to power-cycle the device to recover.
Una vulnerabilidad en Cisco Nexus 9000 Series Fabric Switches en el Modo Application Centric Infrastructure (ACI), podría permitir a un atacante remoto no autenticado causar un acuñamiento de queues en un switch de hoja, que podría resultar en una caída del tráfico crítico del plano de control en el dispositivo. Esto podría dar lugar a que uno o más switches de hoja sean eliminados de la estructura. Esta vulnerabilidad es debido a un manejo inapropiado del tráfico TCP de entrada a un puerto específico. Un atacante podría explotar esta vulnerabilidad mediante el envío de un flujo de paquetes TCP a un puerto específico en una Switched Virtual Interface configurada en el dispositivo. Una explotación con éxito podría permitir al atacante causar que una queue de paquetes específica ponga en queue los búferes de red pero nunca los procese, conllevando a un eventual acuñamiento de queues. Esto podría causar que el tráfico del plano de control se caiga, resultando en una condición de denegación de servicio (DoS) donde los switches de la hoja no están disponibles. Nota: Esta vulnerabilidad requiere una intervención manual para apagar el dispositivo y recuperarlo.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2020-11-13 CVE Reserved
- 2021-08-25 CVE Published
- 2024-05-10 EPSS Updated
- 2024-11-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px-e Search vendor "Cisco" for product "Nexus 9372px-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx-e Search vendor "Cisco" for product "Nexus 9372tx-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 13.2\(3n\) Search vendor "Cisco" for product "Nx-os" and version "13.2\(3n\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px-e Search vendor "Cisco" for product "Nexus 9372px-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx-e Search vendor "Cisco" for product "Nexus 9372tx-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(4i\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(4i\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|