From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Description: - Vulnerability Name: Multiple Cisco Products Snort Ethernet Frame Decoder Denial of Service Vulnerability - Vulnerability ID: cisco-sa-snort-ethernet-dos-HGXgJH8n - CVE Number: CVE-2021-1285 - CWE Number: CWE-770 - Severity: High - Release Date: March 3, 2021 - Version: 1.0 - Status: Final - CVSS Score: Base 7.4 2. Affected Products: - 1000 Series Integrated Services Routers (ISRs) - 4000 Series Integrated Services Routers (ISRs) - Catalyst 8000V Edge Software - Catalyst 8200 Series Edge Platforms - Catalyst 8300 Series Edge Platforms - Cloud Services Router 1000V Series - Integrated Services Virtual Router (ISRv) 3. Impact: - This vulnerability allows an unauthenticated, adjacent attacker to trigger a denial-of-service (DoS) condition by sending malicious Ethernet frames. 4. Mechanism: - The vulnerability arises from improper handling of error conditions during Ethernet frame processing. - Successful exploitation can allow an attacker to exhaust disk space on the affected device, resulting in administrators being unable to log in or the device failing to boot properly. 5. Solution: - Cisco has released software updates to address this vulnerability. - No workarounds are available. 6. Affected Software Versions: - All open-source Snort project versions prior to 2.9.17. - For affected Cisco software versions, refer to the Fixed Software section. 7. Unaffected Products: - 3000 Series Industrial Security Appliances (ISAs) - Adaptive Security Appliance (ASA) Software - Catalyst 8500 Series Edge Platforms - Catalyst 8500L Series Edge Platforms - Firepower Management Center (FMC) Software - Firepower Threat Defense (FTD) Software - Meraki Security Appliances 8. Workarounds: - No workarounds are available. 9. Fixed Software: - Cisco has released free software updates to address this vulnerability. - Customers can install and expect supported software versions and feature sets that match those they purchased. 10. Affected Software Versions: - Cisco IOS XE Software and Cisco IOS XE SD-WAN Software - For affected Cisco software versions, refer to the Fixed Software section. 11. Affected Software Versions: - Open-source Snort - For affected open-source Snort versions, refer to the Fixed Software section. 12. Public Announcements: - No public announcements or malicious exploitation of this vulnerability have been identified. 13. Source: - The vulnerability was discovered during the resolution of a Cisco TAC support case. 14. URL: - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ethernet-dos-HGXgJH8n 15. Revision History: - Version 1.0 - Initial public release - Final status - Release date: March 3, 2021 This information provides a detailed description of the vulnerability, including affected products, impact, solution, affected software versions, unaffected products, workarounds, fixed software, affected Cisco and open-source Snort versions, public announcements, source, URL, and revision history.