CVE-2021-34767

23.09.2021, 03:15

A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that VLAN. The vulnerability is due to a logic error when processing specific link-local IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that would flow inbound through the wired interface of an affected device. A successful exploit could allow the attacker to cause traffic drops in the affected VLAN, thus triggering the DoS condition.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.4 HIGH	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
cisco	CNA	7.4 HIGH	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 28%

Vendor	Product	Version
cisco	ios_xe	*
cisco	ios_xe	3.15.1xbs:xbs
cisco	ios_xe	3.15.2xbs:xbs
cisco	ios_xe	16.7.1
cisco	ios_xe	16.7.1a:a
cisco	ios_xe	16.7.1b:b
cisco	ios_xe	16.7.2
cisco	ios_xe	16.7.3
cisco	ios_xe	16.7.4
cisco	ios_xe	16.8.1
cisco	ios_xe	16.8.1a:a
cisco	ios_xe	16.8.1b:b
cisco	ios_xe	16.8.1c:c
cisco	ios_xe	16.8.1d:d
cisco	ios_xe	16.8.1e:e
cisco	ios_xe	16.8.1s:s
cisco	ios_xe	16.8.2
cisco	ios_xe	16.8.3
cisco	ios_xe	16.9.1
cisco	ios_xe	16.9.1a:a
cisco	ios_xe	16.9.1b:b
cisco	ios_xe	16.9.1c:c
cisco	ios_xe	16.9.1d:d
cisco	ios_xe	16.9.1s:s
cisco	ios_xe	16.9.2
cisco	ios_xe	16.9.2a:a
cisco	ios_xe	16.9.2s:s
cisco	ios_xe	16.9.3
cisco	ios_xe	16.9.3a:a
cisco	ios_xe	16.9.3h:h
cisco	ios_xe	16.9.3s:s
cisco	ios_xe	16.9.4
cisco	ios_xe	16.9.4c:c
cisco	ios_xe	16.9.5
cisco	ios_xe	16.9.5f:f
cisco	ios_xe	16.9.6
cisco	ios_xe	16.9.7
cisco	ios_xe	16.10.1
cisco	ios_xe	16.10.1a:a
cisco	ios_xe	16.10.1b:b
cisco	ios_xe	16.10.1c:c
cisco	ios_xe	16.10.1d:d
cisco	ios_xe	16.10.1e:e
cisco	ios_xe	16.10.1f:f
cisco	ios_xe	16.10.1g:g
cisco	ios_xe	16.10.1s:s
cisco	ios_xe	16.10.2
cisco	ios_xe	16.10.3
cisco	ios_xe	16.11.1
cisco	ios_xe	16.11.1a:a
cisco	ios_xe	16.11.1b:b
cisco	ios_xe	16.11.1c:c
cisco	ios_xe	16.11.1s:s
cisco	ios_xe	16.11.2
cisco	ios_xe	16.12.1
cisco	ios_xe	16.12.1a:a
cisco	ios_xe	16.12.1c:c
cisco	ios_xe	16.12.1s:s
cisco	ios_xe	16.12.1t:t
cisco	ios_xe	16.12.1w:w
cisco	ios_xe	16.12.1x:x
cisco	ios_xe	16.12.1y:y
cisco	ios_xe	16.12.1z:z
cisco	ios_xe	16.12.1z1:z1
cisco	ios_xe	16.12.1za:za
cisco	ios_xe	16.12.2
cisco	ios_xe	16.12.2a:a
cisco	ios_xe	16.12.2s:s
cisco	ios_xe	16.12.2t:t
cisco	ios_xe	16.12.3
cisco	ios_xe	16.12.3a:a
cisco	ios_xe	16.12.3s:s
cisco	ios_xe	16.12.4
cisco	ios_xe	16.12.4a:a
cisco	ios_xe	17.1.1
cisco	ios_xe	17.1.1a:a
cisco	ios_xe	17.1.1s:s
cisco	ios_xe	17.1.1t:t
cisco	ios_xe	17.1.2
cisco	ios_xe	17.1.3
cisco	ios_xe	17.2.1
cisco	ios_xe	17.2.1a:a
cisco	ios_xe	17.2.1r:r
cisco	ios_xe	17.2.1v:v
cisco	ios_xe	17.2.2
cisco	ios_xe	17.2.3
cisco	ios_xe	17.3.1
cisco	ios_xe	17.3.1a:a
cisco	ios_xe	17.3.1w:w
cisco	ios_xe	17.3.1x:x
cisco	ios_xe	17.3.1z:z
cisco	ios_xe	17.3.2
cisco	ios_xe	17.3.2a:a

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-670 - Always-Incorrect Control Flow Implementation
The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-ipv6-dos-NMYeCnZv