← Back

CVE-2021-1419

nvd nist
Published: Sep 23, 2021Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.

Affected (43)

Products: Cisco: Aironet 1542d Firmware, Aironet 1562d Firmware, Aironet 1815m Firmware, Aironet 1830e Firmware, Aironet 1840i Firmware, Aironet 1850e Firmware, Aironet 2800i Firmware, Aironet 3800p Firmware, Aironet 4800 Firmware, Catalyst 9105axi Firmware, Catalyst 9115axe Firmware, Catalyst 9117 Firmware, Catalyst 9120axi Firmware, Catalyst 9124axd Firmware, Catalyst 9130axe Firmware, Catalyst Iw6300 Ac Firmware, Esw6300 Firmware, 1100 8p Firmware, 1120 Firmware, 1160 Firmware, Wireless Lan Controller Software, Aironet 1542i Firmware, Catalyst 9800 Firmware, Aironet 1562e Firmware, Aironet 1562i Firmware, Aironet 1815w Firmware, Aironet 1815t Firmware, Aironet 1815i Firmware, Aironet 1830i Firmware, Aironet 1850i Firmware, Aironet 2800e Firmware, Aironet 3800i Firmware, Aironet 3800e Firmware, Catalyst 9105axw Firmware, Catalyst 9115axi Firmware, Catalyst 9120axp Firmware, Catalyst 9120axe Firmware, Catalyst 9124axi Firmware, Catalyst 9130axi Firmware, Catalyst Iw6300 Dc Firmware, Catalyst Iw6300 Dcw Firmware
Cisco
41 products
Aironet 1542d Firmware
Aironet 1562d Firmware
Aironet 1815m Firmware
Aironet 1830e Firmware
Aironet 1840i Firmware
Aironet 1850e Firmware
Aironet 2800i Firmware
Aironet 3800p Firmware
Aironet 4800 Firmware
Catalyst 9105axi Firmware
Catalyst 9115axe Firmware
Catalyst 9117 Firmware
Catalyst 9120axi Firmware
Catalyst 9124axd Firmware
Catalyst 9130axe Firmware
Catalyst Iw6300 Ac Firmware
Esw6300 Firmware
1100 8p Firmware
1120 Firmware
1160 Firmware
Wireless Lan Controller Software
Aironet 1542i Firmware
Catalyst 9800 Firmware
Aironet 1562e Firmware
Aironet 1562i Firmware
Aironet 1815w Firmware
Aironet 1815t Firmware
Aironet 1815i Firmware
Aironet 1830i Firmware
Aironet 1850i Firmware
Aironet 2800e Firmware
Aironet 3800i Firmware
Aironet 3800e Firmware
Catalyst 9105axw Firmware
Catalyst 9115axi Firmware
Catalyst 9120axp Firmware
Catalyst 9120axe Firmware
Catalyst 9124axi Firmware
Catalyst 9130axi Firmware
Catalyst Iw6300 Dc Firmware
Catalyst Iw6300 Dcw Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1542d Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1542d
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1562d Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1562d
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1815m Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1815m
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1830e Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1830e
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1840i Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1840i
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1850e Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1850e
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 2800i Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 2800i
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 3800p Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 3800p
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 4800 Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 4800
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9105axi Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9105axi
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9115axe Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9115axe
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9117 Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9117axi
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9120axi Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9120axi
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9124axd Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9124axd
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9130axe Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9130axe
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst Iw6300 Ac Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst Iw6300 Ac
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Esw6300 Firmware
All versions
Running on/withPlatform Versions
Cisco
Esw6300
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
1100 8p Firmware
All versions
Running on/withPlatform Versions
Cisco
1100 8p
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
1120 Firmware
All versions
Running on/withPlatform Versions
Cisco
1120
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
1160 Firmware
All versions
Running on/withPlatform Versions
Cisco
1160 Integrated Services Router
All versions
Configuration U
1 vulnerable
Vulnerable SoftwareAffected Versions
Wireless Lan Controller Software
From 8.10 to 8.10.151.0
Configuration V
1 platform
Running on/withPlatform Versions
Cisco
Catalyst 9800 L
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1542i Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1542i
All versions
Configuration X
1 platform
Running on/withPlatform Versions
Cisco
Catalyst 9800 Cl
All versions
Configuration Y
1 platform
Running on/withPlatform Versions
Cisco
Catalyst 9800 40
All versions
Configuration Z
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Catalyst 9800 Firmware
From 16.12 to 16.12.6
Catalyst 9800 Firmware
From 17.3 to 17.3.3
Catalyst 9800 Firmware
Version 17.4
Running on/withPlatform Versions
Cisco
Catalyst 9800 80
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1562e Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1562e
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1562i Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1562i
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1815w Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1815w
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1815t Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1815t
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1815i Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1815i
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1830i Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1830i
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 1850i Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 1850i
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 2800e Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 2800e
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 3800i Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 3800i
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Aironet 3800e Firmware
All versions
Running on/withPlatform Versions
Cisco
Aironet 3800e
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9105axw Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9105axw
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9115axi Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9115axi
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9120axp Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9120axp
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9120axe Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9120axe
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9124axi Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9124axi
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst 9130axi Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst 9130axi
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst Iw6300 Dc Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst Iw6300 Dc
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Catalyst Iw6300 Dcw Firmware
All versions
Running on/withPlatform Versions
Cisco
Catalyst Iw6300 Dcw
All versions

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

Source: psirt@cisco.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.