CVE-2021-1419

EPSS 0.04%
Published 23.09.2021 03:15:07
Last modified 21.11.2024 05:44:19
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.

Affected products Warnungen 0 Metrics 4 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Aironet 1542d Firmware Version-

Cisco ≫ Aironet 1542d Version-

Cisco ≫ Aironet 1562d Firmware Version-

Cisco ≫ Aironet 1562d Version-

Cisco ≫ Aironet 1815m Firmware Version-

Cisco ≫ Aironet 1815m Version-

Cisco ≫ Aironet 1830e Firmware Version-

Cisco ≫ Aironet 1830e Version-

Cisco ≫ Aironet 1840i Firmware Version-

Cisco ≫ Aironet 1840i Version-

Cisco ≫ Aironet 1850e Firmware Version-

Cisco ≫ Aironet 1850e Version-

Cisco ≫ Aironet 2800i Firmware Version-

Cisco ≫ Aironet 2800i Version-

Cisco ≫ Aironet 3800p Firmware Version-

Cisco ≫ Aironet 3800p Version-

Cisco ≫ Aironet 4800 Firmware Version-

Cisco ≫ Aironet 4800 Version-

Cisco ≫ Catalyst 9105axi Firmware Version-

Cisco ≫ Catalyst 9105axi Version-

Cisco ≫ Catalyst 9115axe Firmware Version-

Cisco ≫ Catalyst 9115axe Version-

Cisco ≫ Catalyst 9117 Firmware Version-

Cisco ≫ Catalyst 9117axi Version-

Cisco ≫ Catalyst 9120axi Firmware Version-

Cisco ≫ Catalyst 9120axi Version-

Cisco ≫ Catalyst 9124axd Firmware Version-

Cisco ≫ Catalyst 9124axd Version-

Cisco ≫ Catalyst 9130axe Firmware Version-

Cisco ≫ Catalyst 9130axe Version-

Cisco ≫ Catalyst Iw6300 Ac Firmware Version-

Cisco ≫ Catalyst Iw6300 Ac Version-

Cisco ≫ Esw6300 Firmware Version-

Cisco ≫ Esw6300 Version-

Cisco ≫ 1100-8p Firmware Version-

Cisco ≫ 1100-8p Version-

Cisco ≫ 1120 Firmware Version-

Cisco ≫ 1120 Version-

Cisco ≫ 1160 Firmware Version-

Cisco ≫ 1160 Integrated Services Router Version-

Cisco ≫ Wireless Lan Controller Software Version >= 8.10 < 8.10.151.0

Cisco ≫ Catalyst 9800 Firmware Version >= 16.12 < 16.12.6

Cisco ≫ Catalyst 9800-l Version-

Cisco ≫ Catalyst 9800 Firmware Version >= 17.3 < 17.3.3

Cisco ≫ Catalyst 9800-l Version-

Cisco ≫ Catalyst 9800 Firmware Version17.4

Cisco ≫ Catalyst 9800-l Version-

Cisco ≫ Aironet 1542i Firmware Version-

Cisco ≫ Aironet 1542i Version-

Cisco ≫ Catalyst 9800 Firmware Version >= 16.12 < 16.12.6

Cisco ≫ Catalyst 9800-cl Version-

Cisco ≫ Catalyst 9800 Firmware Version >= 17.3 < 17.3.3

Cisco ≫ Catalyst 9800-cl Version-

Cisco ≫ Catalyst 9800 Firmware Version17.4

Cisco ≫ Catalyst 9800-cl Version-

Cisco ≫ Catalyst 9800 Firmware Version >= 16.12 < 16.12.6

Cisco ≫ Catalyst 9800-40 Version-

Cisco ≫ Catalyst 9800 Firmware Version >= 17.3 < 17.3.3

Cisco ≫ Catalyst 9800-40 Version-

Cisco ≫ Catalyst 9800 Firmware Version17.4

Cisco ≫ Catalyst 9800-40 Version-

Cisco ≫ Catalyst 9800 Firmware Version >= 16.12 < 16.12.6

Cisco ≫ Catalyst 9800-80 Version-

Cisco ≫ Catalyst 9800 Firmware Version >= 17.3 < 17.3.3

Cisco ≫ Catalyst 9800-80 Version-

Cisco ≫ Catalyst 9800 Firmware Version17.4

Cisco ≫ Catalyst 9800-80 Version-

Cisco ≫ Aironet 1562e Firmware Version-

Cisco ≫ Aironet 1562e Version-

Cisco ≫ Aironet 1562i Firmware Version-

Cisco ≫ Aironet 1562i Version-

Cisco ≫ Aironet 1815w Firmware Version-

Cisco ≫ Aironet 1815w Version-

Cisco ≫ Aironet 1815t Firmware Version-

Cisco ≫ Aironet 1815t Version-

Cisco ≫ Aironet 1815i Firmware Version-

Cisco ≫ Aironet 1815i Version-

Cisco ≫ Aironet 1830i Firmware Version-

Cisco ≫ Aironet 1830i Version-

Cisco ≫ Aironet 1850i Firmware Version-

Cisco ≫ Aironet 1850i Version-

Cisco ≫ Aironet 2800e Firmware Version-

Cisco ≫ Aironet 2800e Version-

Cisco ≫ Aironet 3800i Firmware Version-

Cisco ≫ Aironet 3800i Version-

Cisco ≫ Aironet 3800e Firmware Version-

Cisco ≫ Aironet 3800e Version-

Cisco ≫ Catalyst 9105axw Firmware Version-

Cisco ≫ Catalyst 9105axw Version-

Cisco ≫ Catalyst 9115axi Firmware Version-

Cisco ≫ Catalyst 9115axi Version-

Cisco ≫ Catalyst 9120axp Firmware Version-

Cisco ≫ Catalyst 9120axp Version-

Cisco ≫ Catalyst 9120axe Firmware Version-

Cisco ≫ Catalyst 9120axe Version-

Cisco ≫ Catalyst 9124axi Firmware Version-

Cisco ≫ Catalyst 9124axi Version-

Cisco ≫ Catalyst 9130axi Firmware Version-

Cisco ≫ Catalyst 9130axi Version-

Cisco ≫ Catalyst Iw6300 Dc Firmware Version-

Cisco ≫ Catalyst Iw6300 Dc Version-

Cisco ≫ Catalyst Iw6300 Dcw Firmware Version-

Cisco ≫ Catalyst Iw6300 Dcw Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.069

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
psirt@cisco.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-1419

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-1419

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-1419

EUVD