CVE-2021-1377

24.03.2021, 20:15

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because ARP entries are mismanaged. An attacker could exploit this vulnerability by continuously sending traffic that results in incomplete ARP entries. A successful exploit could allow the attacker to cause ARP requests on the device to be unsuccessful for legitimate hosts, resulting in a denial of service (DoS) condition.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.8 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
cisco	CNA	5.8 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 66%

Vendor	Product	Version
cisco	ios	12.2\(6\)i1
cisco	ios	15.1\(3\)svr1
cisco	ios	15.1\(3\)svr2
cisco	ios	15.1\(3\)svr3
cisco	ios	15.1\(3\)svs
cisco	ios	15.1\(3\)svs1
cisco	ios	15.2\(2\)e6
cisco	ios	15.2\(2\)e7
cisco	ios	15.2\(2\)e7b
cisco	ios	15.2\(2\)e8
cisco	ios	15.2\(2\)e9
cisco	ios	15.2\(2\)e9a
cisco	ios	15.2\(2\)e10
cisco	ios	15.2\(3\)e5
cisco	ios	15.2\(4\)e4
cisco	ios	15.2\(4\)e5
cisco	ios	15.2\(4\)e5a
cisco	ios	15.2\(4\)e6
cisco	ios	15.2\(4\)e7
cisco	ios	15.2\(4\)e8
cisco	ios	15.2\(4\)e9
cisco	ios	15.2\(4\)e10
cisco	ios	15.2\(4\)e10a
cisco	ios	15.2\(4\)ea6
cisco	ios	15.2\(4\)ea7
cisco	ios	15.2\(4\)ea8
cisco	ios	15.2\(4\)ea9
cisco	ios	15.2\(4\)ea9a
cisco	ios	15.2\(4\)ea10
cisco	ios	15.2\(5\)e1
cisco	ios	15.2\(5\)e2
cisco	ios	15.2\(5\)e2b
cisco	ios	15.2\(5\)e2c
cisco	ios	15.2\(5\)ex
cisco	ios	15.2\(5a\)e1
cisco	ios	15.2\(6\)e
cisco	ios	15.2\(6\)e0a
cisco	ios	15.2\(6\)e0c
cisco	ios	15.2\(6\)e1
cisco	ios	15.2\(6\)e1a
cisco	ios	15.2\(6\)e1s
cisco	ios	15.2\(6\)e2
cisco	ios	15.2\(6\)e2a
cisco	ios	15.2\(6\)e2b
cisco	ios	15.2\(6\)e3
cisco	ios	15.2\(6\)eb
cisco	ios	15.2\(7\)e
cisco	ios	15.2\(7\)e0a
cisco	ios	15.2\(7\)e0b
cisco	ios	15.2\(7\)e0s
cisco	ios	15.2\(7\)e1
cisco	ios	15.2\(7\)e1a
cisco	ios	15.2\(7\)e2
cisco	ios	15.2\(7\)e2a
cisco	ios	15.2\(7\)e2b
cisco	ios	15.2\(7\)e3
cisco	ios	15.2\(7a\)e0b
cisco	ios	15.2\(7b\)e0b
cisco	ios	15.3\(3\)jpc97
cisco	ios	15.4\(1\)sy
cisco	ios	15.4\(1\)sy1
cisco	ios	15.4\(1\)sy2
cisco	ios	15.4\(1\)sy3
cisco	ios	15.4\(1\)sy4
cisco	ios	15.5\(1\)sy
cisco	ios	15.5\(1\)sy1
cisco	ios	15.5\(1\)sy2
cisco	ios	15.5\(1\)sy3
cisco	ios	15.5\(1\)sy4
cisco	ios	15.5\(1\)sy5
cisco	ios	15.5\(1\)sy6
cisco	ios	15.5\(3\)m4
cisco	ios	15.5\(3\)m4a
cisco	ios	15.5\(3\)m4b
cisco	ios	15.5\(3\)m4c
cisco	ios	15.5\(3\)m5
cisco	ios	15.5\(3\)m6
cisco	ios	15.5\(3\)m6a
cisco	ios	15.5\(3\)m7
cisco	ios	15.5\(3\)m8
cisco	ios	15.5\(3\)m9
cisco	ios	15.5\(3\)m10
cisco	ios	15.5\(3\)m11
cisco	ios	15.5\(3\)s4
cisco	ios	15.5\(3\)s5
cisco	ios	15.5\(3\)s6
cisco	ios	15.5\(3\)s6a
cisco	ios	15.5\(3\)s6b
cisco	ios	15.5\(3\)s7
cisco	ios	15.5\(3\)s8
cisco	ios	15.5\(3\)s9
cisco	ios	15.5\(3\)s9a
cisco	ios	15.5\(3\)s10
cisco	ios	15.5\(3\)s10a
cisco	ios	15.6\(3\)m2
cisco	ios	15.6\(3\)m2a
cisco	ios	15.6\(3\)m3
cisco	ios	15.6\(3\)m3a
cisco	ios	15.6\(3\)m4
cisco	ios	15.6\(3\)m5
cisco	ios	15.6\(3\)m6
cisco	ios	15.6\(3\)m6a
cisco	ios	15.6\(3\)m6b
cisco	ios	15.6\(3\)m7
cisco	ios	15.6\(3\)m8
cisco	ios	15.6\(3\)m9
cisco	ios	15.7\(3\)m
cisco	ios	15.7\(3\)m0a
cisco	ios	15.7\(3\)m1
cisco	ios	15.7\(3\)m2
cisco	ios	15.7\(3\)m3
cisco	ios	15.7\(3\)m4
cisco	ios	15.7\(3\)m4a
cisco	ios	15.7\(3\)m4b
cisco	ios	15.7\(3\)m5
cisco	ios	15.7\(3\)m6
cisco	ios	15.7\(3\)m7
cisco	ios	15.8\(3\)m
cisco	ios	15.8\(3\)m0a
cisco	ios	15.8\(3\)m0b
cisco	ios	15.8\(3\)m1
cisco	ios	15.8\(3\)m1a
cisco	ios	15.8\(3\)m2
cisco	ios	15.8\(3\)m2a
cisco	ios	15.8\(3\)m3
cisco	ios	15.8\(3\)m3a
cisco	ios	15.8\(3\)m3b
cisco	ios	15.8\(3\)m4
cisco	ios	15.8\(3\)m5
cisco	ios	15.9\(3\)m
cisco	ios	15.9\(3\)m0a
cisco	ios	15.9\(3\)m1
cisco	ios	15.9\(3\)m2
cisco	ios	15.9\(3\)m2a
cisco	ios_xe	3.6.6e:e
cisco	ios_xe	3.6.7ae:ae
cisco	ios_xe	3.6.7be:be
cisco	ios_xe	3.6.7e:e
cisco	ios_xe	3.6.8e:e
cisco	ios_xe	3.6.9ae:ae
cisco	ios_xe	3.6.9e:e
cisco	ios_xe	3.6.10e:e
cisco	ios_xe	3.7.5e:e
cisco	ios_xe	3.8.4e:e
cisco	ios_xe	3.8.5ae:ae
cisco	ios_xe	3.8.5e:e
cisco	ios_xe	3.8.6e:e
cisco	ios_xe	3.8.7e:e
cisco	ios_xe	3.8.8e:e
cisco	ios_xe	3.8.9e:e
cisco	ios_xe	3.8.10e:e
cisco	ios_xe	3.9.1e:e
cisco	ios_xe	3.9.2be:be
cisco	ios_xe	3.9.2e:e
cisco	ios_xe	3.10.0ce:ce
cisco	ios_xe	3.10.0e:e
cisco	ios_xe	3.10.1ae:ae
cisco	ios_xe	3.10.1e:e
cisco	ios_xe	3.10.1se:se
cisco	ios_xe	3.10.2e:e
cisco	ios_xe	3.10.3e:e
cisco	ios_xe	3.11.0e:e
cisco	ios_xe	3.11.1ae:ae
cisco	ios_xe	3.11.1e:e
cisco	ios_xe	3.11.2ae:ae
cisco	ios_xe	3.11.2e:e
cisco	ios_xe	3.11.3ae:ae
cisco	ios_xe	3.11.3e:e
cisco	ios_xe	3.16.4as:as
cisco	ios_xe	3.16.4bs:bs
cisco	ios_xe	3.16.4cs:cs
cisco	ios_xe	3.16.4ds:ds
cisco	ios_xe	3.16.4es:es
cisco	ios_xe	3.16.4gs:gs
cisco	ios_xe	3.16.4s:s
cisco	ios_xe	3.16.5as:as
cisco	ios_xe	3.16.5bs:bs
cisco	ios_xe	3.16.5s:s
cisco	ios_xe	3.16.6bs:bs
cisco	ios_xe	3.16.6s:s
cisco	ios_xe	3.16.7as:as
cisco	ios_xe	3.16.7bs:bs
cisco	ios_xe	3.16.7s:s
cisco	ios_xe	3.16.8s:s
cisco	ios_xe	3.16.9s:s
cisco	ios_xe	3.16.10as:as
cisco	ios_xe	3.16.10s:s
cisco	ios_xe	16.3.2
cisco	ios_xe	16.3.3
cisco	ios_xe	16.3.4
cisco	ios_xe	16.3.5
cisco	ios_xe	16.3.5b:b
cisco	ios_xe	16.3.6
cisco	ios_xe	16.3.7
cisco	ios_xe	16.3.8
cisco	ios_xe	16.3.9
cisco	ios_xe	16.3.10
cisco	ios_xe	16.3.11
cisco	ios_xe	16.4.1
cisco	ios_xe	16.4.2
cisco	ios_xe	16.4.3
cisco	ios_xe	16.5.1
cisco	ios_xe	16.5.1a:a
cisco	ios_xe	16.5.1b:b
cisco	ios_xe	16.5.2
cisco	ios_xe	16.5.3
cisco	ios_xe	16.6.1
cisco	ios_xe	16.6.2
cisco	ios_xe	16.6.3
cisco	ios_xe	16.6.4
cisco	ios_xe	16.6.4a:a
cisco	ios_xe	16.6.4s:s
cisco	ios_xe	16.6.5
cisco	ios_xe	16.6.5a:a
cisco	ios_xe	16.6.5b:b
cisco	ios_xe	16.6.6
cisco	ios_xe	16.6.7
cisco	ios_xe	16.6.7a:a
cisco	ios_xe	16.6.8
cisco	ios_xe	16.7.1
cisco	ios_xe	16.7.1a:a
cisco	ios_xe	16.7.1b:b
cisco	ios_xe	16.7.2
cisco	ios_xe	16.7.3
cisco	ios_xe	16.7.4
cisco	ios_xe	16.8.1
cisco	ios_xe	16.8.1a:a
cisco	ios_xe	16.8.1b:b
cisco	ios_xe	16.8.1c:c
cisco	ios_xe	16.8.1d:d
cisco	ios_xe	16.8.1e:e
cisco	ios_xe	16.8.1s:s
cisco	ios_xe	16.8.2
cisco	ios_xe	16.8.3
cisco	ios_xe	16.9.1
cisco	ios_xe	16.9.1a:a
cisco	ios_xe	16.9.1b:b
cisco	ios_xe	16.9.1c:c
cisco	ios_xe	16.9.1d:d
cisco	ios_xe	16.9.1s:s
cisco	ios_xe	16.9.2
cisco	ios_xe	16.9.2a:a
cisco	ios_xe	16.9.2s:s
cisco	ios_xe	16.9.3
cisco	ios_xe	16.9.3a:a
cisco	ios_xe	16.9.3h:h
cisco	ios_xe	16.9.3s:s
cisco	ios_xe	16.9.4
cisco	ios_xe	16.9.4c:c
cisco	ios_xe	16.9.5
cisco	ios_xe	16.9.5f:f
cisco	ios_xe	16.9.6
cisco	ios_xe	16.10.1
cisco	ios_xe	16.10.1a:a
cisco	ios_xe	16.10.1b:b
cisco	ios_xe	16.10.1c:c
cisco	ios_xe	16.10.1d:d
cisco	ios_xe	16.10.1e:e
cisco	ios_xe	16.10.1f:f
cisco	ios_xe	16.10.1g:g
cisco	ios_xe	16.10.1s:s
cisco	ios_xe	16.10.2
cisco	ios_xe	16.10.3
cisco	ios_xe	16.11.1
cisco	ios_xe	16.11.1a:a
cisco	ios_xe	16.11.1b:b
cisco	ios_xe	16.11.1c:c
cisco	ios_xe	16.11.1s:s
cisco	ios_xe	16.11.2
cisco	ios_xe	16.12.1
cisco	ios_xe	16.12.1a:a
cisco	ios_xe	16.12.1c:c
cisco	ios_xe	16.12.1s:s
cisco	ios_xe	16.12.1t:t
cisco	ios_xe	16.12.1w:w
cisco	ios_xe	16.12.1x:x
cisco	ios_xe	16.12.1y:y
cisco	ios_xe	16.12.1z:z
cisco	ios_xe	16.12.2
cisco	ios_xe	16.12.2a:a
cisco	ios_xe	16.12.2s:s
cisco	ios_xe	16.12.2t:t
cisco	ios_xe	16.12.3
cisco	ios_xe	16.12.3a:a
cisco	ios_xe	16.12.3s:s
cisco	ios_xe	16.12.4
cisco	ios_xe	16.12.4a:a
cisco	ios_xe	17.1.1
cisco	ios_xe	17.1.1a:a
cisco	ios_xe	17.1.1s:s
cisco	ios_xe	17.1.1t:t
cisco	ios_xe	17.1.2
cisco	ios_xe	17.2.1
cisco	ios_xe	17.2.1a:a
cisco	ios_xe	17.2.1r:r
cisco	ios_xe	17.2.1v:v
cisco	ios_xe	17.2.2
cisco	ios_xe	17.3.1
cisco	ios_xe	17.3.1a:a
cisco	ios_xe	17.3.1w:w
cisco	ios_xe	17.3.2
cisco	ios_xe	17.3.2a:a

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-399 -

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE