How severe is CVE-2021-1422?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.7 out of 10.

What type of vulnerability is CVE-2021-1422?

This is classified as CWE-617, which is a common weakness in software security.

CVE-2021-1422

HIGH Year: 2021

CVSS v3 Score

7.7

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-617

View all →

Vulnerability Description

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.

CVE-2017-7605

HIGH

CVSS:7.8(High)

aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other im...

CWE-6172017

CVE-2018-19963

HIGH

CVSS:7.8(High)

An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for exter...

CWE-6172018

CVE-2019-14049

HIGH

CVSS:7.8(High)

Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electron...

CWE-6172019

CVE-2021-30335

HIGH

CVSS:7.8(High)

Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon...

CWE-6172021

CVE-2021-36409

HIGH

CVSS:7.8(High)

There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the applic...

CWE-6172021

CVE-2023-52621

HIGH

CVSS:7.8(High)

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers are a...

CWE-6172023

CVE-2021-1422

Vulnerability Description

Related Vulnerabilities

CVE-2017-7605

CVE-2018-19963

CVE-2019-14049

CVE-2021-30335

CVE-2021-36409

CVE-2023-52621