Details of VAR-202109-0244

ID

VAR-202109-0244

CVE

CVE-2021-1616

TITLE

Cisco IOS XE Software Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202109-1561

DESCRIPTION

A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data validation of traffic that is traversing the ALG. An attacker could exploit this vulnerability by sending crafted traffic to a targeted device. A successful exploit could allow the attacker to bypass the ALG and open connections that should not be allowed to a remote device located behind the ALG. Note: This vulnerability has been publicly discussed as NAT Slipstreaming. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 1.62

sources: NVD: CVE-2021-1616 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374670 // VULMON: CVE-2021-1616

AFFECTED PRODUCTS

vendor:

cisco

model:

ios xe

scope:

version:

17.6.1

Trust: 1.0

sources: NVD: CVE-2021-1616

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-1616
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-1616
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202109-1561
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-374670
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-1616
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-1616
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-374670
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-1616
baseSeverity:	MEDIUM
baseScore:	4.7
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	1.4
version:	3.1
Trust: 2.0

sources: VULHUB: VHN-374670 // VULMON: CVE-2021-1616 // CNNVD: CNNVD-202109-1561 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-1616 // NVD: CVE-2021-1616

PROBLEMTYPE DATA

problemtype:	CWE-693	Trust: 1.0
problemtype:	NVD-CWE-Other	Trust: 1.0

sources: NVD: CVE-2021-1616

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202109-1561

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202109-1561 // CNNVD: CNNVD-202104-975

PATCH

title:	Cisco IOS XE Software Enter the fix for the verification error vulnerability	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=164740	Trust: 0.6
title:	Cisco: Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-iosxe-h323alg-bypass-4vy2MP2Q	Trust: 0.1

sources: VULMON: CVE-2021-1616 // CNNVD: CNNVD-202109-1561

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1616	Trust: 1.8
db:	AUSCERT	id:	ESB-2021.3180	Trust: 0.6
db:	CS-HELP	id:	SB2021092412	Trust: 0.6
db:	CNNVD	id:	CNNVD-202109-1561	Trust: 0.6
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	VULHUB	id:	VHN-374670	Trust: 0.1
db:	VULMON	id:	CVE-2021-1616	Trust: 0.1

sources: VULHUB: VHN-374670 // VULMON: CVE-2021-1616 // CNNVD: CNNVD-202109-1561 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-1616

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iosxe-h323alg-bypass-4vy2mp2q	Trust: 2.5
url:	https://vigilance.fr/vulnerability/cisco-ios-xe-ingress-filtrering-bypass-via-h-323-application-level-gateway-36500	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3180	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021092412	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1616	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-374670 // VULMON: CVE-2021-1616 // CNNVD: CNNVD-202109-1561 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-1616

SOURCES

db:	VULHUB	id:	VHN-374670
db:	VULMON	id:	CVE-2021-1616
db:	CNNVD	id:	CNNVD-202109-1561
db:	CNNVD	id:	CNNVD-202104-975
db:	NVD	id:	CVE-2021-1616

LAST UPDATE DATE

2024-08-14T12:15:22.076000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-374670	date:	2022-10-24T00:00:00
db:	VULMON	id:	CVE-2021-1616	date:	2021-10-07T00:00:00
db:	CNNVD	id:	CNNVD-202109-1561	date:	2022-10-26T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	NVD	id:	CVE-2021-1616	date:	2023-11-07T03:28:47.623

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-374670	date:	2021-09-23T00:00:00
db:	VULMON	id:	CVE-2021-1616	date:	2021-09-23T00:00:00
db:	CNNVD	id:	CNNVD-202109-1561	date:	2021-09-22T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	NVD	id:	CVE-2021-1616	date:	2021-09-23T03:15:12.627