Advisory ID: cisco-sa-iox-dos-4Fgcjh6 CVE ID: CVE-2021-1460 First Published: 2021-03-24 Severity: Medium (CVSS Base 5.3) Affected Products: - 809 Industrial ISR: Cisco IOS Software earlier than Release 15.9(3)M3 - 829 Industrial ISR: Cisco IOS Software earlier than Release 15.9(3)M3 - CGR 1000 Compute Module: CGR 1000 IOx Compute Platform Firmware earlier than Release 1.12.0.3 - IC3000 Industrial Compute Gateway: Industrial Compute Gateway Software earlier than Release 1.3.2 Vulnerability Summary: A vulnerability in the Cisco IOx Application Framework could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by sending a high and sustained rate of crafted TCP traffic. Workarounds: No workarounds available. Fixed Software: Customers should upgrade to the fixed releases mentioned in the advisory. Exploitation and Public Announcements: No public announcements or malicious use of the vulnerability are known at the time of publication. Source: The vulnerability was found during internal security testing.