CVE-2021-1587 is a vulnerability in Cisco Nx Os
Published on August 25, 2021
Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default.
Vulnerability Analysis
CVE-2021-1587 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
Misinterpretation of Input
The software misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.
Products Associated with CVE-2021-1587
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-1587 are published in Cisco Nx Os:
Affected Versions
Cisco NX-OS Software Version n/a is affected by CVE-2021-1587Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.