CVE-2021-1377
MEDIUMCisco IOS - Unauthenticated Denial of Service via ARP Entry Mismanagement
Title source: llmDescription
A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because ARP entries are mismanaged. An attacker could exploit this vulnerability by continuously sending traffic that results in incomplete ARP entries. A successful exploit could allow the attacker to cause ARP requests on the device to be unsuccessful for legitimate hosts, resulting in a denial of service (DoS) condition.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE
Scores
CVSS v3
5.8
EPSS
0.0054
EPSS Percentile
68.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-399
Status
published
Products (50)
cisco/ios
12.2\(6\)i1
cisco/ios
15.1\(3\)svr1
cisco/ios
15.1\(3\)svr2
cisco/ios
15.1\(3\)svr3
cisco/ios
15.1\(3\)svs
cisco/ios
15.1\(3\)svs1
cisco/ios
15.2\(2\)e6
cisco/ios
15.2\(2\)e7
cisco/ios
15.2\(2\)e7b
cisco/ios
15.2\(2\)e8
... and 40 more
Published
Mar 24, 2021
Tracked Since
Feb 18, 2026