CVE-2021-1131 — MEDIUM (6.5)

Q: How severe is CVE-2021-1131?

CVE-2021-1131 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-1131?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Video Surveillance 8000P Ip Camera Firmware, Cisco Video Surveillance 8000P Ip Camera, Cisco Video Surveillance 8020 Ip Camera Firmware, Cisco Video Surveillance 8020 Ip Camera, Cisco Video Surveillance 8030 Ip Camera Firmware.

Vulnerability Description

A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. The vulnerability is due to missing checks when Cisco Discovery Protocol messages are processed. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected IP camera. A successful exploit could allow the attacker to cause the affected IP camera to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Cisco	Video Surveillance 8000P Ip Camera Firmware	< 1.0.9-8
Cisco	Video Surveillance 8000P Ip Camera	-
Cisco	Video Surveillance 8020 Ip Camera Firmware	< 1.0.9-8
Cisco	Video Surveillance 8020 Ip Camera	-
Cisco	Video Surveillance 8030 Ip Camera Firmware	< 1.0.9-8
Cisco	Video Surveillance 8030 Ip Camera	-
Cisco	Video Surveillance 8070 Ip Camera Firmware	< 1.0.9-8
Cisco	Video Surveillance 8070 Ip Camera	-
Cisco	Video Surveillance 8400 Ip Camera Firmware	< 1.0.9-8
Cisco	Video Surveillance 8400 Ip Camera	-
Cisco	Video Surveillance 8620 Ip Camera Firmware	< 1.0.9-8
Cisco	Video Surveillance 8620 Ip Camera	-
Cisco	Video Surveillance 8630 Ip Camera Firmware	< 1.0.9-8
Cisco	Video Surveillance 8630 Ip Camera	-
Cisco	Video Surveillance 8930 Speed Dome Ip Camera Firmware	< 1.0.9-8
Cisco	Video Surveillance 8930 Speed Dome Ip Camera	-

Related Weaknesses (CWE)

CWE-119

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iVendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iVendor Advisory

FAQ

What is CVE-2021-1131?

CVE-2021-1131 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to r...

How severe is CVE-2021-1131?

CVE-2021-1131 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-1131?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Video Surveillance 8000P Ip Camera Firmware, Cisco Video Surveillance 8000P Ip Camera, Cisco Video Surveillance 8020 Ip Camera Firmware, Cisco Video Surveillance 8020 Ip Camera, Cisco Video Surveillance 8030 Ip Camera Firmware.