CVE-2021-1611

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Wireless Controller Software versions (affected versions not specified)

Description A vulnerability in Ethernet over GRE (EoGRE) packet processing could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This issue is due to improper processing of malformed EoGRE packets. An attacker could exploit this vulnerability by sending malicious packets to the affected device, potentially causing the device to reload and resulting in a DoS condition.

Recommendations For Cisco IOS XE Wireless Controller Software, update to a version that includes the fix for this issue, as software updates have been released by Cisco to address this vulnerability. As a temporary workaround, consider restricting access to the EoGRE packet processing functionality until a patch is available. Avoid sending malicious packets to the affected device to minimize the risk of exploitation. At the moment, there is no information about a specific version that contains a fix for this vulnerability, but it is recommended to follow Cisco's security advisory for the most up-to-date information.