Cisco NX-OS Software system login block-for DoS (cisco-sa-nxos-login-blockfor-RwjGVEcu)

medium Nessus Plugin ID 168367


The remote device is missing a vendor-supplied security patch


A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCuz49095, CSCvw45963, CSCvx74585

See Also

Plugin Details

Severity: Medium

ID: 168367

File Name: cisco-sa-nxos-login-blockfor-RwjGVEcu.nasl

Version: 1.6

Type: combined

Family: CISCO

Published: 12/2/2022

Updated: 12/5/2022

Supported Sensors: Nessus

Risk Information


Risk Factor: Low

Score: 1.4


Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2021-1590


Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device

Exploit Ease: No known exploits are available

Patch Publication Date: 8/25/2021

Vulnerability Publication Date: 8/25/2021

Reference Information

CVE: CVE-2021-1590