CVE-2021-1454

Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.

CVSS v3 6.7 MEDIUM
CVSS v2.0 7.2 HIGH

6.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios_xe:-:::::::*
	cpe:2.3:o:cisco:ios_xe_sd-wan:-:::::::*

History

29 Mar 2021, 18:32

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 7.2 v3 : 6.7
CWE	~~CWE-20~~	CWE-88
References	~~(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU -~~	(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU - Vendor Advisory
CPE		cpe:2.3:o:cisco:ios_xe:-:::::::* cpe:2.3:o:cisco:ios_xe_sd-wan:-:::::::*

24 Mar 2021, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-03-24 20:15

Updated : 2023-12-10 13:41

NVD link : CVE-2021-1454

Mitre link : CVE-2021-1454

CVE.ORG link : CVE-2021-1454

JSON object : View

Products Affected

cisco

ios_xe_sd-wan
ios_xe

CWE

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-20

Improper Input Validation

{"id": "CVE-2021-1454", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 0.8}]}, "published": "2021-03-24T20:15:15.697", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-88"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en la CLI del Software Cisco IOS XE SD-WAN, podr\u00edan permitir a un atacante local autenticado acceder al sistema operativo subyacente con privilegios root. Estas vulnerabilidades son debido a una comprobaci\u00f3n de la entrada insuficiente de determinados comandos de la CLI. Un atacante podr\u00eda explotar estas vulnerabilidades al autenticarse en el dispositivo y enviar una entrada dise\u00f1ada a la CLI. El atacante debe estar autenticado como usuario administrativo para ejecutar los comandos afectados. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante acceder al sistema operativo subyacente con privilegios root"}], "lastModified": "2023-11-07T03:28:21.167", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7D95E8A-8F0B-44E5-B266-09E10BAAEC55"}, {"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}