fkie_nvd - fkie_cve-2021-1423

fkie_cve-2021-1423

Vulnerability from fkie_nvd

Published

2021-03-24 21:15

Modified

2024-11-21 05:44

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Summary

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device.

References

▶	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	aironet_access_point_software	-
cisco	1100_integrated_services_router	-
cisco	aironet_1540	-
cisco	aironet_1560	-
cisco	aironet_1800	-
cisco	aironet_2800	-
cisco	aironet_3800	-
cisco	aironet_4800	-
cisco	catalyst_9100	-
cisco	catalyst_iw6300	-
cisco	esw6300	-
cisco	catalyst_9800_firmware	*
cisco	catalyst_9800_firmware	*
cisco	catalyst_9800	-
cisco	wireless_lan_controller_software	*
cisco	wireless_lan_controller_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D48036EE-DE42-412A-B3C9-CBCE7414DB33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD9BB32-1D37-4F86-9E93-B77DAB09B874",
              "versionEndExcluding": "16.12.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54FC2B7F-8BB5-4326-964C-0C7CC6D31412",
              "versionEndIncluding": "17.2",
              "versionStartIncluding": "17.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4303CDF3-6399-41CA-BD2A-3C894DD02064",
              "versionEndExcluding": "8.5.171.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D84C320-E3E3-4B29-A27F-A95C6C50FFFE",
              "versionEndExcluding": "8.10.130.0",
              "versionStartIncluding": "8.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de un comando de CLI en Cisco Aironet Access Points (AP), podr\u00eda permitir a un atacante local autenticado sobrescribir archivos en la memoria flash del dispositivo.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada para un comando espec\u00edfico.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al emitir un comando con argumentos dise\u00f1ados.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir o crear archivos con datos que ya est\u00e1n presentes en otros archivos alojados en el dispositivo afectado"
    }
  ],
  "id": "CVE-2021-1423",
  "lastModified": "2024-11-21T05:44:19.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-03-24T21:15:13.443",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-668"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-668"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2021-1423 (GCVE-0-2021-1423)

Vulnerability from cvelistv5

Published

2021-03-24 20:20

Modified

2024-11-08 23:30

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-668

Summary

References

►

URL

Tags

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb

vendor-advisory, x_refsource_CISCO