CVE-2021-1439
Published Mar 24, 2021
Last updated a year ago
Overview
- Description
- A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS traffic. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device through a wireless network that is configured in FlexConnect local switching mode or through a wired network on a configured mDNS VLAN. A successful exploit could allow the attacker to cause the access point (AP) to reboot, resulting in a DoS condition.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.4
- Impact score
- 4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 3.3
- Impact score
- 2.9
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- ykramarz@cisco.com
- CWE-120
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D48036EE-DE42-412A-B3C9-CBCE7414DB33"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822"
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711"
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B"
},
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493"
},
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E"
},
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4"
},
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303"
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70"
},
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BDFBA81-4DF6-4BC8-8D16-2520510ADE2E",
"versionEndExcluding": "17.3.3",
"versionStartIncluding": "17.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]