CVE-2021-34720
A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.
EPSS 0.38% · 59.9th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | ios_xr | 0, 6.3.0, 6.5.0 |
| Cisco | Cisco IOS XR Software | n/a |
Exploit Intelligence
Timeline
- Sep 9, 2021 CVE Published
- Sep 9, 2021 EPSS Score
- Nov 6, 2021 EPSS Score
- Jan 2, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 1, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 28, 2022 EPSS Score
- Jun 24, 2022 EPSS Score
- Oct 19, 2022 EPSS Score
- Dec 16, 2022 EPSS Score
- Feb 11, 2023 EPSS Score
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-34720 advisory