Cisco ASR 5000 Software up to 21.21.1 IKEv2 Packet memory corruption

Summaryinfo

A vulnerability marked as critical has been reported in Cisco ASR 5000 Software. Affected is an unknown function of the component IKEv2 Packet Handler. Performing a manipulation results in memory corruption. This vulnerability is cataloged as CVE-2021-1424. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

Detailsinfo

A vulnerability was found in Cisco ASR 5000 Software. It has been classified as critical. This affects an unknown code of the component IKEv2 Packet Handler. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. This is going to have an impact on availability. The summary by CVE is:

A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

The advisory is shared at sec.cloudapps.cisco.com. This vulnerability is uniquely identified as CVE-2021-1424 since 11/13/2020. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $0-$5k at the moment (estimation calculated on 11/18/2024).

Upgrading eliminates this vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Type

• Router Operating System

Vendor

• Cisco

Name

• ASR 5000 Software

Version

• 21.11.0
• 21.11.1
• 21.11.2
• 21.11.3
• 21.11.4
• 21.11.5
• 21.11.6
• 21.11.7
• 21.11.8
• 21.11.9
• 21.11.10
• 21.11.11
• 21.11.12
• 21.11.13
• 21.11.14
• 21.11.15
• 21.11.16
• 21.11.17
• 21.11.18
• 21.11.19
• 21.12.0
• 21.12.1
• 21.12.2
• 21.12.3
• 21.12.4
• 21.12.5
• 21.12.6
• 21.12.7
• 21.12.8
• 21.12.9
• 21.12.10
• 21.12.11
• 21.12.12
• 21.12.13
• 21.12.14
• 21.12.16
• 21.12.17
• 21.12.18
• 21.12.19
• 21.12.20
• 21.12.21
• 21.13.0
• 21.13.1
• 21.13.2
• 21.13.3
• 21.13.4
• 21.13.5
• 21.13.6
• 21.13.7
• 21.13.8
• 21.13.9
• 21.13.10
• 21.13.11
• 21.13.12
• 21.13.13
• 21.13.14
• 21.13.15
• 21.13.16
• 21.13.17
• 21.13.18
• 21.13.19
• 21.13.20
• 21.13.21
• 21.14.0
• 21.14.1
• 21.14.2
• 21.14.3
• 21.14.4
• 21.14.5
• 21.14.6
• 21.14.7
• 21.14.8
• 21.14.9
• 21.14.10
• 21.14.11
• 21.14.12
• 21.14.16
• 21.14.17
• 21.14.19
• 21.14.20
• 21.14.22
• 21.14.23
• 21.14.a0
• 21.14.b12
• 21.14.b13
• 21.14.b14
• 21.14.b15
• 21.14.b17
• 21.14.b18
• 21.14.b19
• 21.14.b20
• 21.14.b21
• 21.14.b22
• 21.15.0
• 21.15.1
• 21.15.2
• 21.15.3
• 21.15.4
• 21.15.5
• 21.15.6
• 21.15.7
• 21.15.8
• 21.15.10
• 21.15.11
• 21.15.12
• 21.15.13
• 21.15.14
• 21.15.15
• 21.15.16
• 21.15.17
• 21.15.18
• 21.15.19
• 21.15.20
• 21.15.21
• 21.15.22
• 21.15.24
• 21.15.25
• 21.15.26
• 21.15.27
• 21.15.28
• 21.15.29
• 21.15.30
• 21.15.32
• 21.15.33
• 21.15.36
• 21.15.37
• 21.15.40
• 21.15.41
• 21.15.43
• 21.15.45
• 21.15.46
• 21.15.47
• 21.15.48
• 21.15.51
• 21.15.52
• 21.15.53
• 21.15.54
• 21.15.55
• 21.16.2
• 21.16.3
• 21.16.4
• 21.16.5
• 21.16.6
• 21.16.7
• 21.16.8
• 21.16.c9
• 21.16.c10
• 21.16.c11
• 21.16.c12
• 21.16.c13
• 21.16.c14
• 21.16.c15
• 21.16.d0
• 21.16.d1
• 21.17.0
• 21.17.1
• 21.17.2
• 21.17.3
• 21.17.4
• 21.17.5
• 21.17.6
• 21.17.7
• 21.17.8
• 21.17.9
• 21.17.10
• 21.17.11
• 21.17.12
• 21.17.13
• 21.17.14
• 21.17.15
• 21.17.16
• 21.17.17
• 21.18.0
• 21.18.1
• 21.18.2
• 21.18.3
• 21.18.4
• 21.18.5
• 21.18.6
• 21.18.7
• 21.18.8
• 21.18.9
• 21.18.11
• 21.18.12
• 21.18.13
• 21.18.14
• 21.18.15
• 21.19.0
• 21.19.1
• 21.19.2
• 21.19.3
• 21.19.4
• 21.19.5
• 21.19.6
• 21.19.7
• 21.19.8
• 21.19.9
• 21.19.10
• 21.19.n3
• 21.19.n4
• 21.19.n5
• 21.19.n6
• 21.20.0
• 21.20.1
• 21.20.2
• 21.20.3
• 21.20.4
• 21.20.6
• 21.20.7
• 21.20.8
• 21.20.9
• 21.20.10
• 21.20.11
• 21.20.k6
• 21.20.k7
• 21.20.SV1
• 21.20.SV2
• 21.20.SV3
• 21.20.SV5
• 21.20.u8
• 21.21.0
• 21.21.1

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion