CVE-2021-1624

HIGH Year: 2021
CVSS v3 Score
8.6
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-399
View all →

Vulnerability Description

A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to mishandling of the rate limiting feature within the QuantumFlow Processor. An attacker could exploit this vulnerability by sending large amounts of traffic that would be subject to NAT and rate limiting through an affected device. A successful exploit could allow the attacker to cause the QuantumFlow Processor utilization to reach 100 percent on the affected device, resulting in a DoS condition.

Related Vulnerabilities

CVE-2016-6368

HIGH
CVSS:8.6(High)

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a den...

CWE-3992016

CVE-2016-9225

HIGH
CVSS:8.6(High)

A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX mo...

CWE-3992016

CVE-2017-12245

HIGH
CVSS:8.6(High)

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detecti...

CWE-3992017

CVE-2017-12246

HIGH
CVSS:8.6(High)

A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected devi...

CWE-3992017

CVE-2017-3790

HIGH
CVSS:8.6(High)

A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a rel...

CWE-3992017

CVE-2017-3864

HIGH
CVSS:8.6(High)

A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial ...

CWE-3992017