CVE-2021-1622
Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability
Severity Score
8.6
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS.
Una vulnerabilidad en el Servicio de Política Abierta Común (COPS) de Cisco IOS XE Software para Cisco cBR-8 Converged Broadband Routers podría permitir a un atacante remoto no autenticado causar el agotamiento de los recursos, resultando en una condición de denegación de servicio (DoS). Esta vulnerabilidad es debido a una condición de bloqueo en el código cuando se procesan paquetes COPS bajo determinadas condiciones. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes COPS con altas tasas de ráfagas a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar el consumo excesivo de recursos de la CPU, que impide que otros procesos del plano de control obtengan recursos y resulta en una DoS
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-11-13 CVE Reserved
- 2021-09-23 CVE Published
- 2024-06-07 EPSS Updated
- 2024-11-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-667: Improper Locking
- CWE-833: Deadlock
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8-cops-Vc2ZsJSx | 2023-11-07 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | 7600 Router Search vendor "Cisco" for product "7600 Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-12c-f-d Search vendor "Cisco" for product "Asr 901-12c-f-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-12c-ft-d Search vendor "Cisco" for product "Asr 901-12c-ft-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-4c-f-d Search vendor "Cisco" for product "Asr 901-4c-f-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-4c-ft-d Search vendor "Cisco" for product "Asr 901-4c-ft-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-f-a Search vendor "Cisco" for product "Asr 901-6cz-f-a" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-f-d Search vendor "Cisco" for product "Asr 901-6cz-f-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-fs-a Search vendor "Cisco" for product "Asr 901-6cz-fs-a" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-fs-d Search vendor "Cisco" for product "Asr 901-6cz-fs-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-ft-a Search vendor "Cisco" for product "Asr 901-6cz-ft-a" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-ft-d Search vendor "Cisco" for product "Asr 901-6cz-ft-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | < 16.12.1z1 Search vendor "Cisco" for product "Ios Xe" and version " < 16.12.1z1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Cbr-8 Search vendor "Cisco" for product "Cbr-8" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | 7600 Router Search vendor "Cisco" for product "7600 Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-12c-f-d Search vendor "Cisco" for product "Asr 901-12c-f-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-12c-ft-d Search vendor "Cisco" for product "Asr 901-12c-ft-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-4c-f-d Search vendor "Cisco" for product "Asr 901-4c-f-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-4c-ft-d Search vendor "Cisco" for product "Asr 901-4c-ft-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-f-a Search vendor "Cisco" for product "Asr 901-6cz-f-a" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-f-d Search vendor "Cisco" for product "Asr 901-6cz-f-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-fs-a Search vendor "Cisco" for product "Asr 901-6cz-fs-a" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-fs-d Search vendor "Cisco" for product "Asr 901-6cz-fs-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-ft-a Search vendor "Cisco" for product "Asr 901-6cz-ft-a" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 901-6cz-ft-d Search vendor "Cisco" for product "Asr 901-6cz-ft-d" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 17.3.1x Search vendor "Cisco" for product "Ios Xe" and version "17.3.1x" | - |
Affected
| in | Cisco Search vendor "Cisco" | Cbr-8 Search vendor "Cisco" for product "Cbr-8" | - | - |
Safe
|