BDU:2022-00042

Published: 22 Sep 2021
Source: fstec
CVSS3: 7.7
CVSS2: 6.3
EPSS: Low

Description

A vulnerability in the AutoReconnect feature of the Cisco IOS XE and Cisco IOS operating systems is caused by a memory leak. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.

Vendor

Cisco Systems Inc.

Software name

Cisco IOS

Software version

15.2(4)E (Cisco IOS)
15.2(5a)E1 (Cisco IOS)
15.2(4)E2 (Cisco IOS)
15.2(4m)E1 (Cisco IOS)
15.2(5)E (Cisco IOS)
15.2(4)E3 (Cisco IOS)
15.2(5)E1 (Cisco IOS)
15.2(4m)E3 (Cisco IOS)
15.2(4n)E2 (Cisco IOS)
15.2(4o)E2 (Cisco IOS)
15.2(4)E4 (Cisco IOS)
15.2(5)E2 (Cisco IOS)
15.2(4p)E1 (Cisco IOS)
15.2(6)E (Cisco IOS)
15.2(5)E2b (Cisco IOS)
15.2(4)E5 (Cisco IOS)
15.2(5)E2c (Cisco IOS)
15.2(4m)E2 (Cisco IOS)
15.2(4o)E3 (Cisco IOS)
15.2(4q)E1 (Cisco IOS)
15.2(6)E0a (Cisco IOS)
15.2(4)E5a (Cisco IOS)
15.2(6)E0c (Cisco IOS)
15.2(1)SY2 (Cisco IOS)
15.2(1)SY3 (Cisco IOS)
15.2(1)SY4 (Cisco IOS)
15.2(1)SY5 (Cisco IOS)
15.2(5)EX (Cisco IOS)
15.3(1)SY (Cisco IOS)
15.3(1)SY1 (Cisco IOS)
15.3(1)SY2 (Cisco IOS)
15.2(4)EC1 (Cisco IOS)
15.2(4)EC2 (Cisco IOS)
15.2(5a)E (Cisco IOS)
15.2(5b)E (Cisco IOS)
15.2(5c)E (Cisco IOS)
15.2(4s)E1 (Cisco IOS)
15.2(7)E (Cisco IOS)
12.2(6)I1 (Cisco IOS)
15.2(6)E1 (Cisco IOS)
15.2(4)E6 (Cisco IOS)
15.2(6)E1a (Cisco IOS)
15.2(4)E7 (Cisco IOS)
15.2(6)E1s (Cisco IOS)
15.2(4)EA (Cisco IOS)
15.2(4)EA1 (Cisco IOS)
15.2(4)EA3 (Cisco IOS)
15.2(5)EA (Cisco IOS)
15.2(4)EA4 (Cisco IOS)
15.2(4)EA2 (Cisco IOS)
15.2(4)EA5 (Cisco IOS)
15.2(4)EA6 (Cisco IOS)
15.2(4)EA7 (Cisco IOS)
15.2(4)EA8 (Cisco IOS)
15.2(4)EA9 (Cisco IOS)
15.2(1)SY6 (Cisco IOS)
15.2(1)SY7 (Cisco IOS)
15.3(0)SY (Cisco IOS)
15.3(3)JC6 (Cisco IOS)
15.3(3)JC8 (Cisco IOS)
15.2(4)E8 (Cisco IOS)
before 15.2(7)E4 (Cisco IOS)
15.1(3)SVR1 (Cisco IOS)
15.1(3)SVR2 (Cisco IOS)
15.1(3)SVR3 (Cisco IOS)
15.1(3)SVS (Cisco IOS)
15.1(3)SVS1 (Cisco IOS)
15.1(3)SVT1 (Cisco IOS)
15.1(3)SVT2 (Cisco IOS)
15.1(3)SVU1 (Cisco IOS)
15.2(1)SY8 (Cisco IOS)
15.2(4)E9 (Cisco IOS)
15.2(4)E10 (Cisco IOS)
15.2(4)E10A (Cisco IOS)
15.2(4)E10B (Cisco IOS)
15.2(4)EA9A (Cisco IOS)
15.2(6)E2 (Cisco IOS)
15.2(6)E2a (Cisco IOS)
15.2(6)E2b (Cisco IOS)
15.2(6)E3 (Cisco IOS)
15.2(6)Eb (Cisco IOS)
15.2(7)E0a (Cisco IOS)
15.2(7)E0b (Cisco IOS)
15.2(7)E0s (Cisco IOS)
15.2(7)E1 (Cisco IOS)
15.2(7)E1a (Cisco IOS)
15.2(7)E2 (Cisco IOS)
15.2(7)E2a (Cisco IOS)
15.2(7)E2b (Cisco IOS)
15.2(7)E3 (Cisco IOS)
15.2(7)E3a (Cisco IOS)
15.2(7)E3k (Cisco IOS)
15.2(7)E5 (Cisco IOS)
15.2(7)E99 (Cisco IOS)
15.2(7a)E0b (Cisco IOS)
15.2(7b)E0b (Cisco IOS)
15.2(8)E (Cisco IOS)
15.2(8)E1 (Cisco IOS)
15.2(234k)E (Cisco IOS)

Software type

Operating system

Operating systems and hardware platforms

Cisco Systems Inc. Cisco IOS 15.2(4)E
Cisco Systems Inc. Cisco IOS 15.2(5a)E1
Cisco Systems Inc. Cisco IOS 15.2(4)E2
Cisco Systems Inc. Cisco IOS 15.2(4m)E1
Cisco Systems Inc. Cisco IOS 15.2(5)E
Cisco Systems Inc. Cisco IOS 15.2(4)E3
Cisco Systems Inc. Cisco IOS 15.2(5)E1
Cisco Systems Inc. Cisco IOS 15.2(4m)E3
Cisco Systems Inc. Cisco IOS 15.2(4n)E2
Cisco Systems Inc. Cisco IOS 15.2(4o)E2
Cisco Systems Inc. Cisco IOS 15.2(4)E4
Cisco Systems Inc. Cisco IOS 15.2(5)E2
Cisco Systems Inc. Cisco IOS 15.2(4p)E1
Cisco Systems Inc. Cisco IOS 15.2(6)E
Cisco Systems Inc. Cisco IOS 15.2(5)E2b
Cisco Systems Inc. Cisco IOS 15.2(4)E5
Cisco Systems Inc. Cisco IOS 15.2(5)E2c
Cisco Systems Inc. Cisco IOS 15.2(4m)E2
Cisco Systems Inc. Cisco IOS 15.2(4o)E3
Cisco Systems Inc. Cisco IOS 15.2(4q)E1
Cisco Systems Inc. Cisco IOS 15.2(6)E0a
Cisco Systems Inc. Cisco IOS 15.2(4)E5a
Cisco Systems Inc. Cisco IOS 15.2(6)E0c
Cisco Systems Inc. Cisco IOS 15.2(1)SY2
Cisco Systems Inc. Cisco IOS 15.2(1)SY3
Cisco Systems Inc. Cisco IOS 15.2(1)SY4
Cisco Systems Inc. Cisco IOS 15.2(1)SY5
Cisco Systems Inc. Cisco IOS 15.2(5)EX
Cisco Systems Inc. Cisco IOS 15.3(1)SY
Cisco Systems Inc. Cisco IOS 15.3(1)SY1
Cisco Systems Inc. Cisco IOS 15.3(1)SY2
Cisco Systems Inc. Cisco IOS 15.2(4)EC1
Cisco Systems Inc. Cisco IOS 15.2(4)EC2
Cisco Systems Inc. Cisco IOS 15.2(5a)E
Cisco Systems Inc. Cisco IOS 15.2(5b)E
Cisco Systems Inc. Cisco IOS 15.2(5c)E
Cisco Systems Inc. Cisco IOS 15.2(4s)E1
Cisco Systems Inc. Cisco IOS 15.2(7)E
Cisco Systems Inc. Cisco IOS 12.2(6)I1
Cisco Systems Inc. Cisco IOS 15.2(6)E1
Cisco Systems Inc. Cisco IOS 15.2(4)E6
Cisco Systems Inc. Cisco IOS 15.2(6)E1a
Cisco Systems Inc. Cisco IOS 15.2(4)E7
Cisco Systems Inc. Cisco IOS 15.2(6)E1s
Cisco Systems Inc. Cisco IOS 15.2(4)EA
Cisco Systems Inc. Cisco IOS 15.2(4)EA1
Cisco Systems Inc. Cisco IOS 15.2(4)EA3
Cisco Systems Inc. Cisco IOS 15.2(5)EA
Cisco Systems Inc. Cisco IOS 15.2(4)EA4
Cisco Systems Inc. Cisco IOS 15.2(4)EA2
Cisco Systems Inc. Cisco IOS 15.2(4)EA5
Cisco Systems Inc. Cisco IOS 15.2(4)EA6
Cisco Systems Inc. Cisco IOS 15.2(4)EA7
Cisco Systems Inc. Cisco IOS 15.2(4)EA8
Cisco Systems Inc. Cisco IOS 15.2(4)EA9
Cisco Systems Inc. Cisco IOS 15.2(1)SY6
Cisco Systems Inc. Cisco IOS 15.2(1)SY7
Cisco Systems Inc. Cisco IOS 15.3(0)SY
Cisco Systems Inc. Cisco IOS 15.3(3)JC6
Cisco Systems Inc. Cisco IOS 15.3(3)JC8
Cisco Systems Inc. Cisco IOS 15.2(4)E8
Cisco Systems Inc. Cisco IOS before 15.2(7)E4
Cisco Systems Inc. Cisco IOS 15.1(3)SVR1
Cisco Systems Inc. Cisco IOS 15.1(3)SVR2
Cisco Systems Inc. Cisco IOS 15.1(3)SVR3
Cisco Systems Inc. Cisco IOS 15.1(3)SVS
Cisco Systems Inc. Cisco IOS 15.1(3)SVS1
Cisco Systems Inc. Cisco IOS 15.1(3)SVT1
Cisco Systems Inc. Cisco IOS 15.1(3)SVT2
Cisco Systems Inc. Cisco IOS 15.1(3)SVU1
Cisco Systems Inc. Cisco IOS 15.2(1)SY8
Cisco Systems Inc. Cisco IOS 15.2(4)E9
Cisco Systems Inc. Cisco IOS 15.2(4)E10
Cisco Systems Inc. Cisco IOS 15.2(4)E10A
Cisco Systems Inc. Cisco IOS 15.2(4)E10B
Cisco Systems Inc. Cisco IOS 15.2(4)EA9A
Cisco Systems Inc. Cisco IOS 15.2(6)E2
Cisco Systems Inc. Cisco IOS 15.2(6)E2a
Cisco Systems Inc. Cisco IOS 15.2(6)E2b
Cisco Systems Inc. Cisco IOS 15.2(6)E3
Cisco Systems Inc. Cisco IOS 15.2(6)Eb
Cisco Systems Inc. Cisco IOS 15.2(7)E0a
Cisco Systems Inc. Cisco IOS 15.2(7)E0b
Cisco Systems Inc. Cisco IOS 15.2(7)E0s
Cisco Systems Inc. Cisco IOS 15.2(7)E1
Cisco Systems Inc. Cisco IOS 15.2(7)E1a
Cisco Systems Inc. Cisco IOS 15.2(7)E2
Cisco Systems Inc. Cisco IOS 15.2(7)E2a
Cisco Systems Inc. Cisco IOS 15.2(7)E2b
Cisco Systems Inc. Cisco IOS 15.2(7)E3
Cisco Systems Inc. Cisco IOS 15.2(7)E3a
Cisco Systems Inc. Cisco IOS 15.2(7)E3k
Cisco Systems Inc. Cisco IOS 15.2(7)E5
Cisco Systems Inc. Cisco IOS 15.2(7)E99
Cisco Systems Inc. Cisco IOS 15.2(7a)E0b
Cisco Systems Inc. Cisco IOS 15.2(7b)E0b
Cisco Systems Inc. Cisco IOS 15.2(8)E
Cisco Systems Inc. Cisco IOS 15.2(8)E1
Cisco Systems Inc. Cisco IOS 15.2(234k)E

Vulnerability severity level

Medium severity (CVSS 2.0 base score is 6.3)
High severity (CVSS 3.0 base score is 7.4)

Possible remediation measures

Follow the recommendations:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-ebFrwMPr

Vulnerability status

Confirmed by the vendor

Exploit availability

Information is being clarified

Remediation information

The vulnerability has been fixed

Identifiers in other vulnerability description systems

EPSS

Percentile: 55%
0.0033
Low

7.7 High

CVSS3

6.3 Medium

CVSS2

Related vulnerabilities

CVSS3: 7.7
nvd
more than 4 years ago

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition.

CVSS3: 7.7
github
more than 3 years ago

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition.
