CVE-2021-1419

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv	Patch Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:aironet_1562d_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:aironet_1815m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:cisco:aironet_1830e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:cisco:aironet_1840i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1840i:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:cisco:aironet_1850e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:cisco:aironet_2800i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:cisco:aironet_3800p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:cisco:aironet_4800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:cisco:catalyst_9105axi_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:cisco:catalyst_9115axe_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:cisco:catalyst_9117_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:cisco:catalyst_9120axi_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:cisco:catalyst_9124axd_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:cisco:catalyst_9130axe_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:cisco:catalyst_iw6300_ac_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:cisco:esw6300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:cisco:1100-8p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:cisco:1120_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1120:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:cisco:1160_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*

Configuration 21 (hide)

cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

OR	cpe:2.3:o:cisco:catalyst_9800_firmware::::::::
	cpe:2.3:o:cisco:catalyst_9800_firmware::::::::
	cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:::::::*

cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:cisco:aironet_1542i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

OR	cpe:2.3:o:cisco:catalyst_9800_firmware::::::::
	cpe:2.3:o:cisco:catalyst_9800_firmware::::::::
	cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:::::::*

cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

OR	cpe:2.3:o:cisco:catalyst_9800_firmware::::::::
	cpe:2.3:o:cisco:catalyst_9800_firmware::::::::
	cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:::::::*

cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

OR	cpe:2.3:o:cisco:catalyst_9800_firmware::::::::
	cpe:2.3:o:cisco:catalyst_9800_firmware::::::::
	cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:::::::*

cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:cisco:aironet_1562e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:cisco:aironet_1562i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:cisco:aironet_1815w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:cisco:aironet_1815t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:cisco:aironet_1815i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:cisco:aironet_1830i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:cisco:aironet_1850i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:cisco:aironet_2800e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:cisco:aironet_3800i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:cisco:aironet_3800e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:cisco:catalyst_9105axw_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:cisco:catalyst_9115axi_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:cisco:catalyst_9120axp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

cpe:2.3:o:cisco:catalyst_9120axe_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:cisco:catalyst_9124axi_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND

cpe:2.3:o:cisco:catalyst_9130axi_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND

cpe:2.3:o:cisco:catalyst_iw6300_dc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND

cpe:2.3:o:cisco:catalyst_iw6300_dcw_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:44

Type	Values Removed	Values Added
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv - Patch, Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv - Patch, Vendor Advisory

03 Oct 2023, 15:38

Type	Values Removed	Values Added
First Time		Cisco 1160 Integrated Services Router Cisco esw6300 Firmware Cisco esw6300
CPE	cpe:2.3:h:cisco:esw-6300:-:::::::* cpe:2.3:h:cisco:1160:-:::::::* cpe:2.3:o:cisco:esw-6300_firmware:-:::::::*	cpe:2.3:o:cisco:esw6300_firmware:-:::::::* cpe:2.3:h:cisco:esw6300:-:::::::* cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::*

Information

Published : 2021-09-23 03:15

Updated : 2024-11-21 05:44

NVD link : CVE-2021-1419

Mitre link : CVE-2021-1419

CVE.ORG link : CVE-2021-1419

JSON object : View

Products Affected

cisco

catalyst_9124axd
aironet_1830e_firmware
aironet_1850i_firmware
aironet_1830e
catalyst_9800-cl
catalyst_9130axe
aironet_1815t
catalyst_9124axd_firmware
aironet_1562e
catalyst_9130axi
catalyst_9117_firmware
aironet_1562d_firmware
catalyst_9800-l
1160_integrated_services_router
aironet_1850e_firmware
1120
aironet_2800i_firmware
aironet_1815i_firmware
catalyst_9105axw_firmware
catalyst_9115axi
aironet_1815i
catalyst_iw6300_dc
catalyst_iw6300_ac_firmware
catalyst_iw6300_dcw
catalyst_9124axi
1120_firmware
aironet_1840i
catalyst_9800-80
aironet_3800e_firmware
aironet_3800e
aironet_1850e
aironet_3800p_firmware
catalyst_iw6300_ac
aironet_2800e_firmware
aironet_1815m_firmware
aironet_1542i
wireless_lan_controller_software
1160_firmware
1100-8p
aironet_3800p
catalyst_iw6300_dc_firmware
aironet_1562e_firmware
aironet_1562d
catalyst_iw6300_dcw_firmware
aironet_1815t_firmware
aironet_1850i
catalyst_9105axi_firmware
aironet_2800e
catalyst_9124axi_firmware
catalyst_9130axi_firmware
aironet_4800
aironet_3800i_firmware
catalyst_9120axe
esw6300_firmware
esw6300
catalyst_9120axi
aironet_1542d_firmware
catalyst_9120axe_firmware
catalyst_9800-40
catalyst_9115axe_firmware
catalyst_9120axp
aironet_4800_firmware
catalyst_9105axi
catalyst_9117axi
1100-8p_firmware
aironet_1840i_firmware
aironet_1562i
catalyst_9800_firmware
aironet_1542i_firmware
aironet_1815w
catalyst_9120axi_firmware
aironet_1830i
catalyst_9115axe
aironet_3800i
aironet_2800i
catalyst_9115axi_firmware
aironet_1830i_firmware
aironet_1815w_firmware
catalyst_9130axe_firmware
catalyst_9105axw
aironet_1815m
aironet_1542d
catalyst_9120axp_firmware
aironet_1562i_firmware

CWE

CWE-284

Improper Access Control

NVD-CWE-Other

7.8 /10