CVE-2021-1564— Cisco Video Surveillance 7000 Series IP Cameras Cisco Discovery and Link Layer Discovery Protocol Memory Leak Vulnerabilities
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-1564
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Video Surveillance 7000 Series IP Cameras Cisco Discovery and Link Layer Discovery Protocol Memory Leak Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. These vulnerabilities are due to incorrect processing of certain Cisco Discovery Protocol and LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted Cisco Discovery Protocol or LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition. Note: Cisco Discovery Protocol and LLDP are Layer 2 protocols. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Video Surveillance Manager 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Video Surveillance Manager(VSM)是美国思科(Cisco)公司的一套视频监视管理器软件。它提供了一个基于浏览器的用户界面,主要用于收集、管理、录制、归档和分类来自多个第三方视频编码器和IP摄像头的视频。 Cisco Video Surveillance Manager 存在资源管理错误漏洞,该漏洞源于链路层协议内存泄漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Video Surveillance 7000 Series IP Cameras | n/a | - |
II. Public POCs for CVE-2021-1564
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-1564
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldpcdp-mem-yTQDmjROvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2021-1564
Same Patch Batch · Cisco · 2021-06-04 · 15 CVEs total
| CVE-2021-1540 | 8.1 HIGH | Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities |
| CVE-2021-1539 | 8.1 HIGH | Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities |
| CVE-2021-1528 | 7.8 HIGH | Cisco SD-WAN Software Privilege Escalation Vulnerability |
| CVE-2021-1526 | 7.8 HIGH | Cisco Webex Player Memory Corruption Vulnerability |
| CVE-2021-1503 | 7.8 HIGH | Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability |
| CVE-2021-1502 | 7.8 HIGH | Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability |
| CVE-2021-1563 | 6.5 MEDIUM | Cisco Video Surveillance 7000 Series IP Cameras Cisco Discovery and Link Layer Discovery P |
| CVE-2021-1537 | 6.2 MEDIUM | Cisco ThousandEyes Recorder Information Disclosure Vulnerability |
| CVE-2021-1544 | 5.5 MEDIUM | Cisco Webex Meetings Client Software Logging Information Disclosure Vulnerability |
| CVE-2021-1527 | 5.3 MEDIUM | Cisco Webex Player Memory Corruption Vulnerability |
| CVE-2021-1517 | 5.0 MEDIUM | Cisco Webex Meetings and Webex Meetings Server Multimedia Sharing Security Bypass Vulnerab |
| CVE-2021-1536 | 4.8 MEDIUM | Cisco Webex Meetings, Webex Network Recording Player, and Webex Teams DLL Injection Vulner |
| CVE-2021-1538 | 4.7 MEDIUM | Cisco Common Services Platform Collector Command Injection Vulnerability |
| CVE-2021-1525 | 4.7 MEDIUM | Cisco Webex Meetings and Webex Meetings Server File Redirect Vulnerability |
IV. Related Vulnerabilities
Same product: Cisco Video Surveillance 7000 Series IP Cameras
- CVE-2021-34734
Cisco Video Surveillance 7000 Series IP Cameras Link Layer D - CVE-2021-1598
Cisco Video Surveillance 7000 Series IP Cameras Link Layer D - CVE-2021-1597
Cisco Video Surveillance 7000 Series IP Cameras Link Layer D - CVE-2021-1596
Cisco Video Surveillance 7000 Series IP Cameras Link Layer D - CVE-2021-1595
Cisco Video Surveillance 7000 Series IP Cameras Link Layer D
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-400
- CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-42343
FastGPT: Uncontrolled Resource Consumption leading to Sandbo - CVE-2026-42212
SolidCAM-GPPL-IDE: XML External Entity (XXE) and billion-lau - CVE-2026-32686
Unbounded exponent in decimal enables unauthenticated DoS - CVE-2026-20188
Cisco Crosswork Network Controller and Cisco Network Service
V. Comments for CVE-2021-1564
No comments yet