What is CVE-2021-1350?

CVE-2021-1350 is a medium-severity vulnerability in Cisco Umbrella Insights Virtual Appliance, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 5.3/10. Published 2021-01-20.

How severe is CVE-2021-1350?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Resource exhaustion in Cisco Umbrella Insights Virtual Appliance

CVE-2021-1350

A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote attacker to negatively affect the performance of this service. The vulnerability exists due to insufficient rate limiting controls in the web UI. An att…

EPSS: 0.004 (57.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Cisco Umbrella Insights Virtual Appliance — versions n/a

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

References

20210120 Cisco Umbrella Dashboard Packet Flood Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2021-1350?: CVE-2021-1350 is a medium-severity vulnerability in Cisco Umbrella Insights Virtual Appliance, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 5.3/10. Published 2021-01-20.
How severe is CVE-2021-1350?: Medium severity. CVSS v3 base score is 5.3 out of 10.