Strix
26.1K

CVE-2021-1419

HIGHCVSS 7.8/10EPSS 0.21%

Last modified

CVE-2021-1419 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. EPSS estimates a 0.21% chance of exploitation in the next 30 days.

Description

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.

Metrics

CVSS 3.1
7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.21%

11.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoAironet 1542d FirmwareAll versions
CiscoAironet 1562d FirmwareAll versions
CiscoAironet 1815m FirmwareAll versions
CiscoAironet 1830e FirmwareAll versions
CiscoAironet 1840i FirmwareAll versions
CiscoAironet 1850e FirmwareAll versions
CiscoAironet 2800i FirmwareAll versions
CiscoAironet 3800p FirmwareAll versions
CiscoAironet 4800 FirmwareAll versions
CiscoCatalyst 9105axi FirmwareAll versions
CiscoCatalyst 9115axe FirmwareAll versions
CiscoCatalyst 9117 FirmwareAll versions
CiscoCatalyst 9120axi FirmwareAll versions
CiscoCatalyst 9124axd FirmwareAll versions
CiscoCatalyst 9130axe FirmwareAll versions
CiscoCatalyst Iw6300 Ac FirmwareAll versions
CiscoEsw6300 FirmwareAll versions
Cisco1100-8p FirmwareAll versions
Cisco1120 FirmwareAll versions
Cisco1160 FirmwareAll versions
CiscoWireless Lan Controller Software>= 8.10, < 8.10.151.0
CiscoCatalyst 9800 Firmware>= 16.12, < 16.12.6
CiscoCatalyst 9800 Firmware>= 17.3, < 17.3.3
CiscoCatalyst 9800 Firmware17.4
CiscoAironet 1542i FirmwareAll versions
CiscoAironet 1562e FirmwareAll versions
CiscoAironet 1562i FirmwareAll versions
CiscoAironet 1815w FirmwareAll versions
CiscoAironet 1815t FirmwareAll versions
CiscoAironet 1815i FirmwareAll versions
CiscoAironet 1830i FirmwareAll versions
CiscoAironet 1850i FirmwareAll versions
CiscoAironet 2800e FirmwareAll versions
CiscoAironet 3800i FirmwareAll versions
CiscoAironet 3800e FirmwareAll versions
CiscoCatalyst 9105axw FirmwareAll versions
CiscoCatalyst 9115axi FirmwareAll versions
CiscoCatalyst 9120axp FirmwareAll versions
CiscoCatalyst 9120axe FirmwareAll versions
CiscoCatalyst 9124axi FirmwareAll versions
CiscoCatalyst 9130axi FirmwareAll versions
CiscoCatalyst Iw6300 Dc FirmwareAll versions
CiscoCatalyst Iw6300 Dcw FirmwareAll versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-1419?
A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.
How severe is CVE-2021-1419?
CVE-2021-1419 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.21% probability of exploitation in the next 30 days.
How do I fix CVE-2021-1419?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-1419?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST