Strix
26.1K

CVE-2021-34699

HIGHCVSS 7.7/10EPSS 1.15%

Last modified

CVE-2021-34699 is a high-severity vulnerability rated 7.7/10 on the CVSS scale. A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. EPSS estimates a 1.15% chance of exploitation in the next 30 days.

Description

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability by requesting a particular CLI command to be run through the web UI. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Metrics

CVSS 3.1
7.7/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS Probability
1.15%

62.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos12.2\(6\)i1
CiscoIos15.0\(1\)sy
CiscoIos15.0\(1\)sy1
CiscoIos15.0\(1\)sy2
CiscoIos15.0\(1\)sy3
CiscoIos15.0\(1\)sy4
CiscoIos15.0\(1\)sy5
CiscoIos15.0\(1\)sy6
CiscoIos15.0\(1\)sy7
CiscoIos15.0\(1\)sy7a
CiscoIos15.0\(1\)sy8
CiscoIos15.0\(1\)sy9
CiscoIos15.0\(1\)sy10
CiscoIos15.0\(2\)ej
CiscoIos15.0\(2\)ej1
CiscoIos15.0\(2\)ek
CiscoIos15.0\(2\)ek1
CiscoIos15.0\(2\)ex
CiscoIos15.0\(2\)ex1
CiscoIos15.0\(2\)ex2
CiscoIos15.0\(2\)ex3
CiscoIos15.0\(2\)ex4
CiscoIos15.0\(2\)ex5
CiscoIos15.0\(2\)ex6
CiscoIos15.0\(2\)ex7
CiscoIos15.0\(2\)ex8
CiscoIos15.0\(2\)ex10
CiscoIos15.0\(2\)ex11
CiscoIos15.0\(2\)ex12
CiscoIos15.0\(2\)ex13
CiscoIos15.0\(2\)ey
CiscoIos15.0\(2\)ey1
CiscoIos15.0\(2\)ey2
CiscoIos15.0\(2\)ey3
CiscoIos15.0\(2\)ez
CiscoIos15.0\(2\)se
CiscoIos15.0\(2\)se1
CiscoIos15.0\(2\)se2
CiscoIos15.0\(2\)se3
CiscoIos15.0\(2\)se4
CiscoIos15.0\(2\)se5
CiscoIos15.0\(2\)se6
CiscoIos15.0\(2\)se7
CiscoIos15.0\(2\)se8
CiscoIos15.0\(2\)se9
CiscoIos15.0\(2\)se10
CiscoIos15.0\(2\)se10a
CiscoIos15.0\(2\)se11
CiscoIos15.0\(2\)se12
CiscoIos15.0\(2\)se13

Showing 50 of 834 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-34699?
A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability by requesting a particular CLI command to be run through the web UI. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
How severe is CVE-2021-34699?
CVE-2021-34699 has a CVSS score of 7.7/10 (HIGH severity). The EPSS model estimates a 1.15% probability of exploitation in the next 30 days.
How do I fix CVE-2021-34699?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-34699?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST