Sunday, September 26, 2021

Cisco IOS: CVE-2021-34699: Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability

Description
A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability by requesting a particular CLI command to be run through the web UI. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
Solution(s)
  • cisco-ios-upgrade-latest


  • References
  • https://attackerkb.com/topics/cve-2021-34699
  • CVE - 2021-34699
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-trustsec-dos-7fuXDR2




  •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore