How severe is CVE-2021-1424?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2021-1424?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2021-1424 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Related Vulnerabilities

CVE-2010-0749

MEDIUM

CVSS:5.3(Medium)

Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame.

CWE-1192010

CVE-2013-7490

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.

CWE-1192013

CVE-2015-8792

MEDIUM

CVSS:5.3(Medium)

The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers ...

CWE-1192015

CVE-2016-1907

MEDIUM

CVSS:5.3(Medium)

The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

CWE-1192016

CVE-2016-9118

MEDIUM

CVSS:5.3(Medium)

Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.

CWE-1192016

CVE-2016-9797

MEDIUM

CVSS:5.3(Medium)

In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidum...

CWE-1192016