Vulnerability Description
A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to improper processing of IPv6 traffic that is sent through an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 packets that traverse the affected device. A successful exploit could allow the attacker to access resources that would typically be protected by the interface ACL.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xr | < 6.6.3 |
| Cisco | Ncs 540 | - |
| Cisco | Ncs 5501 | - |
| Cisco | Ncs 5501-Se | - |
| Cisco | Ncs 5502 | - |
| Cisco | Ncs 5502-Se | - |
| Cisco | Ncs 5508 | - |
| Cisco | Ncs 5516 | - |
| Cisco | Ncs 560 | - |
| Cisco | Nx-Os | - |
| Cisco | Nexus 3600 | - |
| Cisco | Nexus 9500 R | - |
Related Weaknesses (CWE)
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iVendor Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iVendor Advisory
FAQ
What is CVE-2021-1389?
CVE-2021-1389 is a vulnerability with a CVSS score of 5.8 (MEDIUM). A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access cont...
How severe is CVE-2021-1389?
CVE-2021-1389 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1389?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xr, Cisco Ncs 540, Cisco Ncs 5501, Cisco Ncs 5501-Se, Cisco Ncs 5502.