Cisco ASR 5000 Series Software Vulnerability Could Lead to Denial of Service

CVE-2021-1424

5.3MEDIUM

Key Information

Vendor: Cisco
Status: Cisco Asr 5000 Series Software
Vendor: CVE Published:; 18 November 2024

Summary

A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Affected Version(s)

Cisco ASR 5000 Series Software = 21.15.7

Cisco ASR 5000 Series Software = 21.13.10

Cisco ASR 5000 Series Software = 21.14.1

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 18, 2024
Vulnerability Reserved
Nov 13, 2020

Collectors

NVD DatabaseMitre Database