Vulnerability Description
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Nx-Os | - |
| Cisco | Nexus 3000 | - |
| Cisco | Nexus 3048 | - |
| Cisco | Nexus 31108Pc-V | - |
| Cisco | Nexus 31108Tc-V | - |
| Cisco | Nexus 31128Pq | - |
| Cisco | Nexus 3132C-Z | - |
| Cisco | Nexus 3132Q-V | - |
| Cisco | Nexus 3132Q-X\/3132Q-Xl | - |
| Cisco | Nexus 3164Q | - |
| Cisco | Nexus 3172Pq\/Pq-Xl | - |
| Cisco | Nexus 3172Tq-Xl | - |
| Cisco | Nexus 3232C | - |
| Cisco | Nexus 3264C-E | - |
| Cisco | Nexus 3264Q | - |
| Cisco | Nexus 3408-S | - |
| Cisco | Nexus 34180Yc | - |
| Cisco | Nexus 3432D-S | - |
| Cisco | Nexus 3464C | - |
| Cisco | Nexus 3524-X\/Xl | - |
Related Weaknesses (CWE)
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nPatchVendor Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nPatchVendor Advisory
FAQ
What is CVE-2021-1587?
CVE-2021-1587 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of serv...
How severe is CVE-2021-1587?
CVE-2021-1587 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1587?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os, Cisco Nexus 3000, Cisco Nexus 3048, Cisco Nexus 31108Pc-V, Cisco Nexus 31108Tc-V.