cnvd - cnvd-2021-24462

CNVD-2021-24462

Vulnerability from cnvd - Published: 2021-04-02

Title

Cisco IOx Application拒绝服务漏洞

Description

Cisco Iox是美国思科（Cisco）公司的一个结合了Cisco IOS和Linux OS用于安全网络连接以及开发IOT应用的安全开发环境。 Cisco IOx Application Framework的Cisco 809 Industrial Integrated Services Routers (Industrial ISRs)、Cisco 829 Industrial ISRs、Cisco CGR 1000 Compute Module和Cisco IC3000 Industrial Compute Gateway存在拒绝服务漏洞。该漏洞源于数据包处理期间错误处理不足。远程攻击者可利用该漏洞通过发送特制的TCP流量利用该漏洞造成IOx Web服务器停止处理请求，从而导致DoS状态。

Severity

中

Patch Name

Cisco IOx Application拒绝服务漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-1460

Impacted products

Name
['Cisco 809 Industrial Integrated Services Routers', 'Cisco 829 Industrial Integrated Services Routers', 'Cisco cgr1000', 'Cisco IC3000 Industrial Compute Gateway']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-1460",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-1460"
    }
  },
  "description": "Cisco Iox\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7ed3\u5408\u4e86Cisco IOS\u548cLinux OS\u7528\u4e8e\u5b89\u5168\u7f51\u7edc\u8fde\u63a5\u4ee5\u53ca\u5f00\u53d1IOT\u5e94\u7528\u7684\u5b89\u5168\u5f00\u53d1\u73af\u5883\u3002\n\nCisco IOx Application Framework\u7684Cisco 809 Industrial Integrated Services Routers (Industrial ISRs)\u3001Cisco 829 Industrial ISRs\u3001Cisco CGR 1000 Compute Module\u548cCisco IC3000 Industrial Compute Gateway\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u6570\u636e\u5305\u5904\u7406\u671f\u95f4\u9519\u8bef\u5904\u7406\u4e0d\u8db3\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684TCP\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210IOx Web\u670d\u52a1\u5668\u505c\u6b62\u5904\u7406\u8bf7\u6c42\uff0c\u4ece\u800c\u5bfc\u81f4DoS\u72b6\u6001\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-24462",
  "openTime": "2021-04-02",
  "patchDescription": "Cisco Iox\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7ed3\u5408\u4e86Cisco IOS\u548cLinux OS\u7528\u4e8e\u5b89\u5168\u7f51\u7edc\u8fde\u63a5\u4ee5\u53ca\u5f00\u53d1IOT\u5e94\u7528\u7684\u5b89\u5168\u5f00\u53d1\u73af\u5883\u3002\r\n\r\nCisco IOx Application Framework\u7684Cisco 809 Industrial Integrated Services Routers (Industrial ISRs)\u3001Cisco 829 Industrial ISRs\u3001Cisco CGR 1000 Compute Module\u548cCisco IC3000 Industrial Compute Gateway\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u6570\u636e\u5305\u5904\u7406\u671f\u95f4\u9519\u8bef\u5904\u7406\u4e0d\u8db3\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684TCP\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210IOx Web\u670d\u52a1\u5668\u505c\u6b62\u5904\u7406\u8bf7\u6c42\uff0c\u4ece\u800c\u5bfc\u81f4DoS\u72b6\u6001\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IOx Application\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco 809 Industrial Integrated Services Routers",
      "Cisco 829 Industrial Integrated Services Routers",
      "Cisco cgr1000",
      "Cisco IC3000 Industrial Compute Gateway"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-1460",
  "serverity": "\u4e2d",
  "submitTime": "2021-03-29",
  "title": "Cisco IOx Application\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2021-1460 (GCVE-0-2021-1460)

Vulnerability from cvelistv5 – Published: 2021-03-24 20:06 – Updated: 2024-11-08 23:34

Summary

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400

Assigner

cisco

References

URL

Tags

https://tools.cisco.com/security/center/content/C…

vendor-advisoryx_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco IOS	Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.445Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1460",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:03:18.333086Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:34:03.389Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-24T20:06:50",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iox-dos-4Fgcjh6",
        "defect": [
          [
            "CSCvt74967",
            "CSCvu19405",
            "CSCvv02734",
            "CSCvv02834"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOx Application Framework  Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-03-24T16:00:00",
          "ID": "CVE-2021-1460",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOx Application Framework  Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iox-dos-4Fgcjh6",
          "defect": [
            [
              "CSCvt74967",
              "CSCvu19405",
              "CSCvv02734",
              "CSCvv02834"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1460",
    "datePublished": "2021-03-24T20:06:50.388114Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:34:03.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2021-24462

CVE-2021-1460 (GCVE-0-2021-1460)

Tags

Sightings

Nomenclature