CVE-2021-1624

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software (affected versions not specified)

Description The issue is related to the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software, which could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (DoS) condition. This is due to mishandling of the rate limiting feature within the QuantumFlow Processor. An attacker could exploit this by sending large amounts of traffic subject to NAT and rate limiting through an affected device, potentially causing the QuantumFlow Processor utilization to reach 100 percent.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.