CVE-2021-1384

moderate-risk
Published 2021-03-24

A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. This vulnerability is due to incomplete validation of fields in the application packages loaded onto IOx. An attacker could exploit this vulnerability by creating a crafted application .tar file and loading it onto the device. A successful exploit could allow the attacker to perform command injection into the underlying operating system as the root user.

Do I need to act?

!
14.3% chance of exploitation in next 30 days
EPSS score — higher than 86% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
NETWORK / LOW complexity

Affected Products (2)

Affected Vendors

Cisco

References (4)

Exploit https://github.com/orangecertcc/security-research/security/advisories/GHSA-h332-...
Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-i...
Exploit https://github.com/orangecertcc/security-research/security/advisories/GHSA-h332-...
Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-i...
43
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 12/34 · Low
Exposure 7/34 · Low