CVE-2021-1600 — Vulnetix

CVE-2021-1600 PUBLISHED CVSS 8.300000190734863 HIGH

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are received on the external management interface. An attacker could exploit these vulnerabilities by sending specific traffic to this interface on an affected device. A successful exploit could allow the attacker to access sensitive internal services and make configuration changes on the affected device.

EPSS 0.11% · 28.4th percentile

Risk Scores

CVSS 3.1

8.300000190734863

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

EPSS Score

0.11%

28.4th percentile

Affected Products

Vendor	Product	Versions
cisco	intersight_virtual_appliance	*
Cisco	N/A
Cisco	Cisco Intersight Virtual Appliance	*

Exploit Intelligence

20210721 Cisco Intersight Virtual Appliance IPv4 and IPv6 Forwarding Vulnerabilities (circl)

Timeline

Jul 22, 2021 CVE Published
Jul 23, 2021 EPSS Score
Sep 20, 2021 EPSS Score
Nov 19, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Jan 17, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 16, 2022 EPSS Score
Jul 15, 2022 EPSS Score
Sep 12, 2022 EPSS Score
Nov 11, 2022 EPSS Score
Jan 9, 2023 EPSS Score

References

20210721 Cisco Intersight Virtual Appliance IPv4 and IPv6 Forwarding Vulnerabilities vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2021-1600 advisory

Open in Interactive Console →