CVE-2021-1616
Description
A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data validation of traffic that is traversing the ALG. An attacker could exploit this vulnerability by sending crafted traffic to a targeted device. A successful exploit could allow the attacker to bypass the ALG and open connections that should not be allowed to a remote device located behind the ALG. Note: This vulnerability has been publicly discussed as NAT Slipstreaming.
Risk Information
Base Score
4.7
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.429
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability For Cisco IOS XE Software | NCM |
| CVE-2021-1616 | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706107 | Security Update for Cisco IOS XE Software 5.2(1)SV5(1.3a) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234