All the vulnerabilites related to cisco - aironet_1830i_firmware
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 05:44
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2051CA5B-967D-4830-87EB-1756559C1FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1562d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10BD5327-F3F8-4D0A-B6DC-2F11DF2E6866",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1815m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43C245F0-7F57-4B5D-8842-CB5D820A35EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E3225A6-DA3C-49FE-B0F8-8AC6B7DA3347",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1830e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCE2F50-4A9B-4F97-BBCA-42B3E541B3B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4590D445-B4B6-48E6-BF55-BEA6BA763410",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1840i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019221DE-A15E-4317-A922-269C4D16ED98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1840i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7ACCDC0-C215-46E3-AD42-658F8D2240CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1850e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EBE2C9B-B978-46BE-8E77-347ACE0E8178",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2800i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED80079E-2744-4325-86DA-EA3647B45179",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F103B67B-89C9-465D-AF2E-3D24A8F5465D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_4800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5618CE7C-DF82-4849-AC79-A00B747883BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9105axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF827E8-02BE-42C0-A0CE-B649601847E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3DCF4E-081A-4375-A4A0-AAAD8F024114",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9117_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06C11A3E-E431-4923-AEBA-25E3247F19C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A99728C-9E6B-4249-BAAA-C080109EFC4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9124axd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF43EC0A-AC28-408A-8375-11CE249217A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67C380AE-C888-4AED-80D2-B9AF5EB9EC85",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4AFA1C-5A9E-4DF4-B9C7-66EF918548C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:esw6300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3EBAC6D-93DB-4380-8B6E-61555A9C8A3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1100-8p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAB3869-E15B-4ED4-A98C-75DE0DBA8F3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED555B12-41F4-4D62-B519-22601FB7AF8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4AA225-8856-4C09-8CC8-1B9BA1A0F687",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D64BDE-0D00-4FBE-873B-F5D52AD0C5A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1160_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9001B2B7-952A-4E49-A358-C91702ACC161",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB653BFD-780E-4128-989A-7FD6DE398174",
"versionEndExcluding": "8.10.151.0",
"versionStartIncluding": "8.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF844D6-88AB-4CEA-8951-2DFE665B8655",
"versionEndExcluding": "16.12.6",
"versionStartIncluding": "16.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3461A79-FD22-4ECF-966E-E01BA8C6457C",
"versionEndExcluding": "17.3.3",
"versionStartIncluding": "17.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7364CCEF-0720-40E3-977B-8487D59E8BB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1542i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EC048-B84B-4744-BC04-BA8612C79D04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF844D6-88AB-4CEA-8951-2DFE665B8655",
"versionEndExcluding": "16.12.6",
"versionStartIncluding": "16.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3461A79-FD22-4ECF-966E-E01BA8C6457C",
"versionEndExcluding": "17.3.3",
"versionStartIncluding": "17.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7364CCEF-0720-40E3-977B-8487D59E8BB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF844D6-88AB-4CEA-8951-2DFE665B8655",
"versionEndExcluding": "16.12.6",
"versionStartIncluding": "16.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3461A79-FD22-4ECF-966E-E01BA8C6457C",
"versionEndExcluding": "17.3.3",
"versionStartIncluding": "17.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7364CCEF-0720-40E3-977B-8487D59E8BB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF844D6-88AB-4CEA-8951-2DFE665B8655",
"versionEndExcluding": "16.12.6",
"versionStartIncluding": "16.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3461A79-FD22-4ECF-966E-E01BA8C6457C",
"versionEndExcluding": "17.3.3",
"versionStartIncluding": "17.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7364CCEF-0720-40E3-977B-8487D59E8BB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1562e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "893D104F-6711-46F9-804C-4B57562166E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1562i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AABCC2-D2A5-4A89-9DF9-6F80EB871CC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1815w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E431B47-8694-4707-A3D0-CFA515CB33D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E09FEE6E-8169-4E90-ACF6-88BEE747D7A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1815t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE0E218-EFF7-4A4A-80D0-ED8CD038BFD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E1D6F32-3F51-4C5B-97AF-1AD8917FCB07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1815i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "205E19BF-078D-475D-A9F0-4A1604A2D554",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1830i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A99B8F7A-2C38-46C8-B592-EB525D05041C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848CC5CD-1982-4F31-A626-BD567E1C19F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1850i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "513FA6CC-4F9D-40CA-A8BD-1D5E6A1119BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2800e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A796152-A567-4B7A-8202-94858CD95119",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34C47517-5F78-4D3C-818E-6DBFD1B56592",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD51123-ECF1-4042-AE1C-724FF4C51F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9105axw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9309C6-EC43-4EB9-BD7A-CBCC581AA58C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B69CC2B-CD3A-4BEF-8FF1-9925E460B049",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C73A651-932E-43CA-B40F-2F75510AEE36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AB0E3-151D-4D80-A482-41E7A27AE068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9124axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA19FD7-047B-43AA-9237-807AAA2E9F7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA48001-7F56-4155-B70D-5DC41D73DB38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_dc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3E846C-359B-4EF1-AD68-DE612C5697F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_dcw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFE9F2D-407B-49CE-BB6C-80DC941A9371",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de administraci\u00f3n SSH de varias plataformas Cisco Access Points (APs), podr\u00eda permitir a un usuario local autenticado modificar archivos en el dispositivo afectado y posiblemente alcanzar privilegios escalados. La vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de las operaciones con archivos en la interfaz de administraci\u00f3n SSH. Un usuario administrador de red podr\u00eda explotar esta vulnerabilidad al acceder a un dispositivo afectado mediante la administraci\u00f3n SSH para realizar un cambio de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante alcanzar privilegios equivalentes a los del usuario root"
}
],
"id": "CVE-2021-1419",
"lastModified": "2024-11-21T05:44:19.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:07.697",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-1419
Vulnerability from cvelistv5
Published
2021-09-23 02:30
Modified
2024-11-07 21:52
Severity ?
EPSS score ?
Summary
A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Wireless LAN Controller (WLC) |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco Access Points SSH Management Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1419",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:00.463255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:52:19.550Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless LAN Controller (WLC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:30:23",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco Access Points SSH Management Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv"
}
],
"source": {
"advisory": "cisco-sa-cisco-ap-LLjsGxv",
"defect": [
[
"CSCvw71885"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Access Points SSH Management Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-1419",
"STATE": "PUBLIC",
"TITLE": "Cisco Access Points SSH Management Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless LAN Controller (WLC)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco Access Points SSH Management Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv"
}
]
},
"source": {
"advisory": "cisco-sa-cisco-ap-LLjsGxv",
"defect": [
[
"CSCvw71885"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1419",
"datePublished": "2021-09-23T02:30:23.947282Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T21:52:19.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}