{ "id": "CVE-2021-1379", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-11-18T16:15:09.310", "lastModified": "2024-11-18T17:11:17.393", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.\r\nThese vulnerabilities are due to missing checks when the IP phone processes a Cisco Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities." }, { "lang": "es", "value": "Varias vulnerabilidades en las implementaciones de Cisco Discovery Protocol y Link Layer Discovery Protocol (LLDP) para los tel\u00e9fonos IP de Cisco de las series 68xx/78xx/88xx podr\u00edan permitir que un atacante adyacente no autenticado ejecute c\u00f3digo de forma remota o provoque una recarga de un tel\u00e9fono IP afectado. Estas vulnerabilidades se deben a la falta de comprobaciones cuando el tel\u00e9fono IP procesa un paquete Cisco Discovery Protocol o LLDP. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un paquete Cisco Discovery Protocol o LLDP malicioso al tel\u00e9fono IP de destino. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo en el tel\u00e9fono IP afectado o hacer que se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Nota: Cisco Discovery Protocol es un protocolo de capa 2. Para explotar estas vulnerabilidades, un atacante debe estar en el mismo dominio de difusi\u00f3n que el dispositivo afectado (adyacente a la capa 2). Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades." } ], "metrics": { "cvssMetricV31": [ { "source": "ykramarz@cisco.com", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "ykramarz@cisco.com", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-120" } ] } ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-rce-dos-U2PsSkz3", "source": "ykramarz@cisco.com" }, { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3", "source": "ykramarz@cisco.com" } ] }