CVE-2021-1353
First published: Wed Jan 20 2021(Updated: )
A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco StarOS | <21.22.0 | |
| Cisco ASR 5000 | ||
| Cisco ASR 5500 | ||
| Cisco Asr 5700 | ||
| Cisco Virtualized Packet Core-single Instance |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity level of CVE-2021-1353?
The severity level of CVE-2021-1353 is high with a severity score of 8.6.
What is the vulnerability in Cisco StarOS?
The vulnerability in Cisco StarOS is a memory leak during packet processing in the IPv4 protocol handling.
What are the affected software versions?
The affected software versions include Cisco StarOS up to version 21.22.0.
How can an attacker exploit CVE-2021-1353?
An attacker can exploit CVE-2021-1353 by sending specially crafted packets to the affected device, causing a denial of service (DoS) condition.
Where can I find more information about CVE-2021-1353?
You can find more information about CVE-2021-1353 in the Cisco Security Advisory at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3.