A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device.
Metrics
No CVSS v4.0
Attack Vector Network
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact Low
User Interaction None
No CVSS v3.0
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
AV:N/AC:M/Au:N/C:N/I:N/A:P
This CVE is not in the KEV list.
Exploitation none
Automatable yes
Technical Impact partial
Affected Vendors & Products
Vendors | Products |
---|---|
Cisco |
|
Configuration 1 [-]
AND |
|
Configuration 2 [-]
AND |
|
No data.
References
History
Thu, 07 Nov 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2021-08-25T19:11:18.814603Z
Updated: 2024-11-07T22:02:13.143Z
Reserved: 2020-11-13T00:00:00
Link: CVE-2021-1590
Vulnrichment
Updated: 2024-08-03T16:18:10.362Z
NVD
Status : Modified
Published: 2021-08-25T20:15:11.657
Modified: 2024-11-21T05:44:41.597
Link: CVE-2021-1590
Redhat
No data.