CVE-2021-1377 | ByteOS Network

Vulnerability Details :

CVE-2021-1377

Assigner-cisco

Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633

Published At-24 Mar, 2021 | 20:10

Updated At-08 Nov, 2024 | 23:32

Cisco IOS and IOS XE Software ARP Resource Management Exhaustion Denial of Service Vulnerability

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because ARP entries are mismanaged. An attacker could exploit this vulnerability by continuously sending traffic that results in incomplete ARP entries. A successful exploit could allow the attacker to cause ARP requests on the device to be unsuccessful for legitimate hosts, resulting in a denial of service (DoS) condition.

EPSS History

Score

Latest Score

-

N/A

Percentile

Latest Percentile

-

N/A

▼Common Vulnerabilities and Exposures (CVE)

Assigner:cisco

Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633

Published At:24 Mar, 2021 | 20:10

Updated At:08 Nov, 2024 | 23:32

▼CVE Numbering Authority (CNA)

Cisco IOS and IOS XE Software ARP Resource Management Exhaustion Denial of Service Vulnerability

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because ARP entries are mismanaged. An attacker could exploit this vulnerability by continuously sending traffic that results in incomplete ARP entries. A successful exploit could allow the attacker to cause ARP requests on the device to be unsuccessful for legitimate hosts, resulting in a denial of service (DoS) condition.

Affected Products

Vendor

Cisco Systems, Inc.

Product

Versions

Affected

n/a

Problem Types

Type	CWE ID	Description
CWE	CWE-399	CWE-399

Type: CWE

CWE ID: CWE-399

Description: CWE-399

Metrics

Version	Base score	Base severity	Vector
3.1	5.8	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Version: 3.1

Base score: 5.8

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

References

Hyperlink	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE	vendor-advisory x_refsource_CISCO

Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE

Resource:

vendor-advisory

x_refsource_CISCO

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE	vendor-advisory x_refsource_CISCO x_transferred

Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE

Resource:

vendor-advisory

x_refsource_CISCO

x_transferred

2. CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

Source:ykramarz@cisco.com

Published At:24 Mar, 2021 | 20:15

Updated At:07 Nov, 2023 | 03:28

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because ARP entries are mismanaged. An attacker could exploit this vulnerability by continuously sending traffic that results in incomplete ARP entries. A successful exploit could allow the attacker to cause ARP requests on the device to be unsuccessful for legitimate hosts, resulting in a denial of service (DoS) condition.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.8	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Secondary	3.1	5.8	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P

Type: Primary

Version: 3.1

Base score: 5.8

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Type: Secondary

Version: 3.1

Base score: 5.8

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Type: Primary

Version: 2.0

Base score: 5.0

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

Cisco Systems, Inc.

>>ios>>12.2\(6\)i1

cpe:2.3:o:cisco:ios:12.2\(6\)i1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.1\(3\)svr1

cpe:2.3:o:cisco:ios:15.1\(3\)svr1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.1\(3\)svr2

cpe:2.3:o:cisco:ios:15.1\(3\)svr2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.1\(3\)svr3

cpe:2.3:o:cisco:ios:15.1\(3\)svr3:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.1\(3\)svs

cpe:2.3:o:cisco:ios:15.1\(3\)svs:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.1\(3\)svs1

cpe:2.3:o:cisco:ios:15.1\(3\)svs1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(2\)e6

cpe:2.3:o:cisco:ios:15.2\(2\)e6:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(2\)e7

cpe:2.3:o:cisco:ios:15.2\(2\)e7:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(2\)e7b

cpe:2.3:o:cisco:ios:15.2\(2\)e7b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(2\)e8

cpe:2.3:o:cisco:ios:15.2\(2\)e8:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(2\)e9

cpe:2.3:o:cisco:ios:15.2\(2\)e9:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(2\)e9a

cpe:2.3:o:cisco:ios:15.2\(2\)e9a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(2\)e10

cpe:2.3:o:cisco:ios:15.2\(2\)e10:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(3\)e5

cpe:2.3:o:cisco:ios:15.2\(3\)e5:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e4

cpe:2.3:o:cisco:ios:15.2\(4\)e4:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e5

cpe:2.3:o:cisco:ios:15.2\(4\)e5:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e5a

cpe:2.3:o:cisco:ios:15.2\(4\)e5a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e6

cpe:2.3:o:cisco:ios:15.2\(4\)e6:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e7

cpe:2.3:o:cisco:ios:15.2\(4\)e7:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e8

cpe:2.3:o:cisco:ios:15.2\(4\)e8:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e9

cpe:2.3:o:cisco:ios:15.2\(4\)e9:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e10

cpe:2.3:o:cisco:ios:15.2\(4\)e10:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)e10a

cpe:2.3:o:cisco:ios:15.2\(4\)e10a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)ea6

cpe:2.3:o:cisco:ios:15.2\(4\)ea6:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)ea7

cpe:2.3:o:cisco:ios:15.2\(4\)ea7:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)ea8

cpe:2.3:o:cisco:ios:15.2\(4\)ea8:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)ea9

cpe:2.3:o:cisco:ios:15.2\(4\)ea9:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)ea9a

cpe:2.3:o:cisco:ios:15.2\(4\)ea9a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(4\)ea10

cpe:2.3:o:cisco:ios:15.2\(4\)ea10:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(5\)e1

cpe:2.3:o:cisco:ios:15.2\(5\)e1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(5\)e2

cpe:2.3:o:cisco:ios:15.2\(5\)e2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(5\)e2b

cpe:2.3:o:cisco:ios:15.2\(5\)e2b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(5\)e2c

cpe:2.3:o:cisco:ios:15.2\(5\)e2c:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(5\)ex

cpe:2.3:o:cisco:ios:15.2\(5\)ex:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(5a\)e1

cpe:2.3:o:cisco:ios:15.2\(5a\)e1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e

cpe:2.3:o:cisco:ios:15.2\(6\)e:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e0a

cpe:2.3:o:cisco:ios:15.2\(6\)e0a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e0c

cpe:2.3:o:cisco:ios:15.2\(6\)e0c:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e1

cpe:2.3:o:cisco:ios:15.2\(6\)e1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e1a

cpe:2.3:o:cisco:ios:15.2\(6\)e1a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e1s

cpe:2.3:o:cisco:ios:15.2\(6\)e1s:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e2

cpe:2.3:o:cisco:ios:15.2\(6\)e2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e2a

cpe:2.3:o:cisco:ios:15.2\(6\)e2a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e2b

cpe:2.3:o:cisco:ios:15.2\(6\)e2b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)e3

cpe:2.3:o:cisco:ios:15.2\(6\)e3:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(6\)eb

cpe:2.3:o:cisco:ios:15.2\(6\)eb:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(7\)e

cpe:2.3:o:cisco:ios:15.2\(7\)e:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(7\)e0a

cpe:2.3:o:cisco:ios:15.2\(7\)e0a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(7\)e0b

cpe:2.3:o:cisco:ios:15.2\(7\)e0b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios>>15.2\(7\)e0s

cpe:2.3:o:cisco:ios:15.2\(7\)e0s:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-noinfo	Primary	nvd@nist.gov
CWE-399	Secondary	ykramarz@cisco.com

CWE ID: NVD-CWE-noinfo

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-399

Type: Secondary

Source: ykramarz@cisco.com

References

Hyperlink	Source	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE	ykramarz@cisco.com	Vendor Advisory

Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE

Source: ykramarz@cisco.com

Resource:

Vendor Advisory