How severe is CVE-2021-1568?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2021-1568?

This is classified as CWE-789, which is a common weakness in software security.

CVE-2021-1568 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system.

Related Vulnerabilities

CVE-2021-1283

MEDIUM

CVSS:5.5(Medium)

A vulnerability in the logging subsystem of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to view sensitive information in a system log file that should be rest...

CWE-7892021

CVE-2021-27906

MEDIUM

CVSS:5.5(Medium)

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

CWE-7892021

CVE-2021-31811

MEDIUM

CVSS:5.5(Medium)

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

CWE-7892021

CVE-2022-20717

MEDIUM

CVSS:5.5(Medium)

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (Do...

CWE-7892022

CVE-2024-40680

MEDIUM

CVSS:5.5(Medium)

IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault.

CWE-7892024

CVE-2023-0809

MEDIUM

CVSS:5.3(Medium)

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.

CWE-7892023