PT-2021-5128 · Cisco · Cisco Video Surveillance 7000 Series Ip Cameras

Qian Chen

Published

2021-08-18

Updated

2021-08-26

CVE-2021-34734

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Cisco Video Surveillance 7000 Series IP Cameras (affected versions not specified)

Description The issue is related to a double free error in the implementation of the Link Layer Discovery Protocol (LLDP) for the Cisco Video Surveillance 7000 Series IP Cameras firmware. This could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition by sending crafted LLDP packets to an affected device, potentially causing the device to reload. The exploitation of this issue requires the attacker to be in the same broadcast domain as the affected device (Layer 2 adjacent).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

BDU:2021-05922

CVE-2021-34734

Affected Products

Cisco Video Surveillance 7000 Series Ip Cameras

PT-2021-5128 · Cisco · Cisco Video Surveillance 7000 Series Ip Cameras

CVE-2021-34734

Weakness Enumeration

Related Identifiers

Affected Products

References · 7