CVE-2021-1361

EPSS 0.29%
Published 24.02.2021 20:15:13
Last modified 21.11.2024 05:44:10
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.

Affected products Warnungen 0 Metrics 4 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Nx-os Version9.3(5)

   Cisco ≫ Nexus 3000 Version-
   Cisco ≫ Nexus 3100 Version-
   Cisco ≫ Nexus 3100-z Version-
   Cisco ≫ Nexus 3100v Version-
   Cisco ≫ Nexus 3200 Version-
   Cisco ≫ Nexus 3400 Version-
   Cisco ≫ Nexus 3500 Version-
   Cisco ≫ Nexus 3600 Version-
   Cisco ≫ Nexus 9000v Version-
   Cisco ≫ Nexus 92160yc-x Version-
   Cisco ≫ Nexus 92300yc Version-
   Cisco ≫ Nexus 92304qc Version-
   Cisco ≫ Nexus 92348gc-x Version-
   Cisco ≫ Nexus 9236c Version-
   Cisco ≫ Nexus 9272q Version-
   Cisco ≫ Nexus 93108tc-ex Version-
   Cisco ≫ Nexus 93108tc-ex-24 Version-
   Cisco ≫ Nexus 93108tc-fx Version-
   Cisco ≫ Nexus 93108tc-fx-24 Version-
   Cisco ≫ Nexus 93120tx Version-
   Cisco ≫ Nexus 93128tx Version-
   Cisco ≫ Nexus 9316d-gx Version-
   Cisco ≫ Nexus 93180lc-ex Version-
   Cisco ≫ Nexus 93180yc-ex Version-
   Cisco ≫ Nexus 93180yc-ex-24 Version-
   Cisco ≫ Nexus 93180yc-fx Version-
   Cisco ≫ Nexus 93180yc-fx-24 Version-
   Cisco ≫ Nexus 93180yc-fx3 Version-
   Cisco ≫ Nexus 93180yc-fx3s Version-
   Cisco ≫ Nexus 93216tc-fx2 Version-
   Cisco ≫ Nexus 93240yc-fx2 Version-
   Cisco ≫ Nexus 9332c Version-
   Cisco ≫ Nexus 9332pq Version-
   Cisco ≫ Nexus 93360yc-fx2 Version-
   Cisco ≫ Nexus 9336c-fx2 Version-
   Cisco ≫ Nexus 9336c-fx2-e Version-
   Cisco ≫ Nexus 9336pq Aci Spine Version-
   Cisco ≫ Nexus 9348gc-fxp Version-
   Cisco ≫ Nexus 93600cd-gx Version-
   Cisco ≫ Nexus 9364c Version-
   Cisco ≫ Nexus 9364c-gx Version-
   Cisco ≫ Nexus 9372px Version-
   Cisco ≫ Nexus 9372px-e Version-
   Cisco ≫ Nexus 9372tx Version-
   Cisco ≫ Nexus 9372tx-e Version-
   Cisco ≫ Nexus 9396px Version-
   Cisco ≫ Nexus 9396tx Version-
   Cisco ≫ Nexus 9508 Version-

Cisco ≫ Nx-os Version9.3(6)

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.29%	0.497

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
nvd@nist.gov	9.4	10	9.2	AV:N/AC:L/Au:N/C:N/I:C/A:C
psirt@cisco.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-552 Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-1361

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-1361

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-1361

EUVD