FKIE_CVE-2021-1376
Vulnerability from fkie_nvd - Published: 2021-03-24 21:15 - Updated: 2024-11-21 05:44
Severity ?
Summary
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and boot a malicious software image, or execute unsigned binaries on an affected device. These vulnerabilities are due to improper checks performed by system boot routines. To exploit these vulnerabilities, the attacker would need privileged access to the CLI of the device. A successful exploit could allow the attacker to either execute arbitrary code on the underlying operating system or execute unsigned code and bypass the image verification check part of the secure boot process. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE6EC32-51E4-43A3-BFB9-A0D842D08E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADDCD0A-6168-45A0-A885-76CC70FE2FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "3F35C623-6043-43A6-BBAA-478E185480CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D83E34F4-F4DD-49CC-9C95-93F9D4D26B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8F50DB-3A80-4D89-9F7B-86766D37338B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFC70A2-87BC-4898-BCF3-57F7B1DD5F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8DA556-ABF3-48D0-95B8-E57DBE1B5A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "5292764A-7D1C-4E04-86EF-809CB68EDD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "1E16D266-108F-4F8A-998D-F1CA25F2EAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "41D55481-C80E-4400-9C3D-9F6B1F7F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AB80E7-0714-44ED-9671-12C877B36A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1C85DD-69CC-4AA8-B219-651D57FC3506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89369318-2E83-489F-B872-5F2E247BBF8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and boot a malicious software image, or execute unsigned binaries on an affected device. These vulnerabilities are due to improper checks performed by system boot routines. To exploit these vulnerabilities, the attacker would need privileged access to the CLI of the device. A successful exploit could allow the attacker to either execute arbitrary code on the underlying operating system or execute unsigned code and bypass the image verification check part of the secure boot process. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en la funcionalidad fast reload del Software Cisco IOS XE que se ejecuta en los Switches Cisco Catalyst 3850, Cisco Catalyst 9300 y Cisco Catalyst 9300L Series, podr\u00edan permitir a un atacante local autenticado ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente, instalar y arrancar un imagen de software malicioso o ejecutar binarios sin firmar en un dispositivo afectado.\u0026#xa0;Estas vulnerabilidades son debido a comprobaciones incorrectas llevadas a cabo por las rutinas de arranque del sistema.\u0026#xa0;Para explotar estas vulnerabilidades, el atacante necesitar\u00eda acceso privilegiado a la CLI del dispositivo.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente o ejecutar c\u00f3digo sin firmar y omitir la parte de comprobaci\u00f3n de imagen del proceso de arranque seguro.\u0026#xa0;Para mayor informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1376",
"lastModified": "2024-11-21T05:44:12.747",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T21:15:12.177",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fast-Zqr6DD5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fast-Zqr6DD5"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…