CVE-2021-1419

moderate-risk
Published 2021-09-23

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.

Do I need to act?

-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (20)

Aironet 1542D Firmware
Aironet 1562D Firmware
Aironet 1815M Firmware
Aironet 1830E Firmware
Aironet 1840I Firmware
Aironet 1850E Firmware
Aironet 2800I Firmware
Aironet 3800P Firmware
Aironet 4800 Firmware
Catalyst 9105Axi Firmware
Catalyst 9115Axe Firmware
Catalyst 9117 Firmware
Catalyst 9120Axi Firmware
Catalyst 9124Axd Firmware
Catalyst 9130Axe Firmware
Catalyst Iw6300 Ac Firmware
Esw6300 Firmware
1100-8P Firmware
1120 Firmware
1160 Firmware

Affected Vendors

Cisco

References (2)

Patch https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c...
Patch https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c...
48
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 0/34 · Minimal
Exposure 24/34 · High