CVE-2021-1523: Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability
First published: Wed Aug 25 2021(Updated: )
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from the fabric. This vulnerability is due to mishandling of ingress TCP traffic to a specific port. An attacker could exploit this vulnerability by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device. A successful exploit could allow the attacker to cause a specific packet queue to queue network buffers but never process them, leading to an eventual queue wedge. This could cause control plane traffic to be dropped, resulting in a denial of service (DoS) condition where the leaf switches are unavailable. Note: This vulnerability requires a manual intervention to power-cycle the device to recover.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Nx-os | =13.2\(3n\) | |
| Cisco Nx-os | =14.2\(4i\) | |
| Cisco Nexus 93120tx | ||
| Cisco Nexus 93128tx | ||
| Cisco Nexus 9332pq | ||
| Cisco Nexus 9372px | ||
| Cisco Nexus 9372px-e | ||
| Cisco Nexus 9372tx | ||
| Cisco Nexus 9372tx-e | ||
| Cisco Nexus 9396px | ||
| Cisco Nexus 9396tx |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Cisco Nexus 9000 Series Fabric Switches vulnerability?
The vulnerability ID for this Cisco Nexus 9000 Series Fabric Switches vulnerability is CVE-2021-1523.
What is the severity level of CVE-2021-1523?
The severity level of CVE-2021-1523 is high.
Which software versions are affected by this vulnerability?
The Cisco Nexus 9000 Series Fabric Switches running NX-OS versions 13.2(3n) and 14.2(4i) are affected by this vulnerability.
What is the impact of this vulnerability?
This vulnerability could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, resulting in critical control plane traffic being dropped.
How can I fix this vulnerability?
To fix this vulnerability, Cisco has released software updates that address the issue. It is recommended to upgrade to a fixed software version.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/title
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- agent/event
- agent/tags
- vendor/cisco
- canonical/cisco nx-os
- version/cisco nx-os/13.2\(3n\)
- version/cisco nx-os/14.2\(4i\)
- canonical/cisco nexus 93120tx
- canonical/cisco nexus 93128tx
- canonical/cisco nexus 9332pq
- canonical/cisco nexus 9372px
- canonical/cisco nexus 9372px-e
- canonical/cisco nexus 9372tx
- canonical/cisco nexus 9372tx-e
- canonical/cisco nexus 9396px
- canonical/cisco nexus 9396tx