Cisco Event Response Page
Cisco Event Response: August 2021 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication
-
Cisco released its semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication on August 25, 2021. In direct response to customer feedback, Cisco releases bundles of Cisco FXOS and NX-OS Software Security Advisories on the fourth Wednesday of the month in February and August of each calendar year.
The August 25, 2021, release of the Cisco FXOS and NX-OS Software Security Advisory Bundled Publication includes 9 Cisco Security Advisories that describe 9 vulnerabilities in Cisco NX-OS Software and Cisco UCS Software. Cisco has released software updates that address these vulnerabilities.
Of these advisories, four have a Security Impact Rating (SIR) of High and five have a SIR of Medium.
-
The following table identifies Cisco Security content that is associated with this bundled publication:
Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Affected Cisco Platforms cisco-sa-n9kaci-tcp-dos-YXukt6gM
Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service VulnerabilityCVE-2021-1586High8.6Nexus 9000 Series Fabric Switches in ACI modecisco-sa-n9kaci-queue-wedge-cLDDEfKF
Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service VulnerabilityCVE-2021-1523High8.6Nexus 9000 Series Fabric Switches in ACI modecisco-sa-nxos-mpls-oam-dos-sGO9x5GM
Cisco NX-OS Software MPLS OAM Denial of Service VulnerabilityCVE-2021-1588High8.6Nexus 3000 Series Switches
Nexus 7000 Series Switches
Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-nxos-ngoam-dos-LTDb9Hv
Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service VulnerabilityCVE-2021-1587High8.6Nexus 3000 Series Switches
Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-naci-afr-UtjfO2D7
Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read VulnerabilityCVE-2021-1583Medium4.4Nexus 9000 Series Fabric Switches in ACI modecisco-sa-naci-mdvul-vrKVgNU
Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation VulnerabilityCVE-2021-1584Medium6Nexus 9000 Series Fabric Switches in ACI modecisco-sa-nexus-acl-vrvQYPVe
Cisco Nexus 9500 Series Switches Access Control List Bypass VulnerabilityCVE-2021-1591Medium5.8Nexus 9500 Series Switchescisco-sa-nxos-login-blockfor-RwjGVEcu
Cisco NX-OS Software system login block-for Denial of Service VulnerabilityCVE-2021-1590Medium5.3MDS 9000 Series Multilayer Switches
Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-ucs-ssh-dos-MgvmyrQy
Cisco UCS Manager Software SSH Sessions Denial of Service VulnerabilityCVE-2021-1592Medium4.3UCS 6400 Series Fabric InterconnectsRelated Resources
Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A