PT-2021-2259 · Cisco · Snort

Published: 2021-03-03 · Updated: 2024-11-18 · CVE-2021-1285

CVSS v3.1: 7.4 (High)

Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Cisco products (affected versions not specified)
Description: The issue is related to improper handling of error conditions when processing Ethernet frames in the Snort detection engine, which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. An attacker could exploit this by sending malicious Ethernet frames through an affected device, potentially exhausting disk space, preventing administrators from logging in, or causing the device to fail to boot up correctly. Manual intervention is required to recover from this situation.
Recommendations: For all affected versions, update to the latest software version released by Cisco that addresses this issue. As a temporary workaround, consider restricting access to the Ethernet Frame Decoder of the Snort detection engine until a patch is available. Contact the Cisco Technical Assistance Center (TAC) for assistance in recovering a device that has been affected by this issue.

Fix

Weakness Enumeration

Allocation of Resources Without Limits

Related Identifiers

BDU:2021-01245
CVE-2021-1285

Affected Products

Snort