CVE-2021-1131
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Denial of Service Vulnerability
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.5EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
13 ene 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. The vulnerability is due to missing checks when Cisco Discovery Protocol messages are processed. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected IP camera. A successful exploit could allow the attacker to cause the affected IP camera to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Cisco · Cisco Video Surveillance 8000 Series IP Cameras