Vulnerabilities > CVE-2021-1313 - Memory Leak vulnerability in Cisco IOS XR

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

cisco

CWE-401

NVD

Published: 2021-02-04

Updated: 2023-11-07

Summary

Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS XR 5.3.0 Cisco IOS XR 5.3.0_Base Cisco IOS XR 5.3.1 Cisco IOS XR 5.3.2 Cisco IOS XR 5.3.3 Cisco IOS XR 5.0.0 Cisco IOS XR 5.0.1 Cisco IOS XR 5.0.3.Ce Cisco IOS XR 5.0_Base Cisco IOS XR 5.1.0 Cisco IOS XR 5.1.1 Cisco IOS XR 5.1.1.K9Sec Cisco IOS XR 5.1.2 Cisco IOS XR 5.1.3 Cisco IOS XR 5.1.3.03 Cisco IOS XR 5.1.4.Base Cisco IOS XR 5.2.0 Cisco IOS XR 5.2.0.Base Cisco IOS XR 5.2.1 Cisco IOS XR 5.2.2 Cisco IOS XR 5.2.3 Cisco IOS XR 5.2.4 Cisco IOS XR 5.2.4.00 Cisco IOS XR 5.2.5 Cisco IOS XR 5.2.5.Ce	31

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dos-WwDdghs2