1. Home
  2. CVE Database
  3. CVE-2021-1266
MEDIUM · 4.3

CVE-2021-1266

A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulner...

Vulnerability Description

A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could exploit this vulnerability by sending a flood of crafted API requests to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
CiscoManaged Services Accelerator< 3.10.0

Related Weaknesses (CWE)

CWE-400

References

FAQ

What is CVE-2021-1266?

CVE-2021-1266 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulner...

How severe is CVE-2021-1266?

CVE-2021-1266 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-1266?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Managed Services Accelerator.