Strix
26.1K

CVE-2021-1356

MEDIUMCVSS 4.3/10EPSS 0.94%

Last modified

CVE-2021-1356 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient error handling in the web UI. EPSS estimates a 0.94% chance of exploitation in the next 30 days.

Description

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient error handling in the web UI. An attacker could exploit these vulnerabilities by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to cause the web UI software to become unresponsive and consume all available vty lines, preventing new session establishment and resulting in a DoS condition. Manual intervention would be required to regain web UI and vty session functionality. Note: These vulnerabilities do not affect the console connection.

Metrics

CVSS 3.1
4.3/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

EPSS Probability
0.94%

56.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos Xe3.15.1xbs
CiscoIos Xe3.15.2xbs
CiscoIos Xe17.1.1
CiscoIos Xe17.1.1a
CiscoIos Xe17.1.1s
CiscoIos Xe17.1.1t
CiscoIos Xe17.1.2
CiscoIos Xe17.2.1
CiscoIos Xe17.2.1a
CiscoIos Xe17.2.1r
CiscoIos Xe17.2.1v
CiscoIos Xe17.2.2
CiscoIos Xe17.2.3

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-1356?
Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient error handling in the web UI. An attacker could exploit these vulnerabilities by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to cause the web UI software to become unresponsive and consume all available vty lines, preventing new session establishment and resulting in a DoS condition. Manual intervention would be required to regain web UI and vty session functionality. Note: These vulnerabilities do not affect the console connection.
How severe is CVE-2021-1356?
CVE-2021-1356 has a CVSS score of 4.3/10 (MEDIUM severity). The EPSS model estimates a 0.94% probability of exploitation in the next 30 days.
How do I fix CVE-2021-1356?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-1356?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST