VDB

CVE-2021-34699

CVE-2021-34699 PUBLISHED CVSS 7.699999809265137 HIGH

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability by requesting a particular CLI command to be run through the web UI. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

EPSS 0.70% · 72.5th percentile

Risk Scores

CVSS 3.1
7.699999809265137
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
EPSS Score
0.70%
72.5th percentile

Affected Products

VendorProductVersions
ciscoios_xe3.3.0se, 3.3.0xo, 3.3.1xo
CiscoCisco IOSn/a
ciscoios*, *, *

Exploit Intelligence

Timeline

  • Apr 13, 2021 CVE Published
  • Sep 23, 2021 EPSS Score
  • Nov 19, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Mar 14, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 10, 2022 EPSS Score
  • Jul 6, 2022 EPSS Score
  • Sep 2, 2022 EPSS Score
  • Dec 26, 2022 EPSS Score
  • Feb 21, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›