CVE-2021-1523

Name of the Vulnerable Software and Affected Versions: Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode (affected versions not specified)

Description: The issue is caused by mishandling of ingress TCP traffic to a specific port, allowing an unauthenticated, remote attacker to cause a queue wedge on a leaf switch. This could result in critical control plane traffic being dropped, leading to a denial of service (DoS) condition where the leaf switches are unavailable. An attacker could exploit this by sending a stream of TCP packets to a specific port on a Switched Virtual Interface (SVI) configured on the device, causing a specific packet queue to queue network buffers but never process them.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.