PT-2021-5176 · Cisco · Cisco IOS XE
Published 2021-09-22 · Updated 2021-11-23 · CVE-2021-1622
CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers (affected versions not specified)
Description
A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this by sending COPS packets with high burst rates to an affected device, causing the CPU to consume excessive resources and preventing other control plane processes from obtaining resources.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Improper Locking
Affected Products
Cisco IOS XE