CVE-2021-34724

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.

CVSS v3 6.0 MEDIUM
CVSS v2.0 6.6 MEDIUM

6.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

6.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:N

Exploitability : 3.9 / Impact : 9.2

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact NONE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:1000_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4g\/6g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:111x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4000_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:422_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4221_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4321_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4331_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4351_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4431_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4451-x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4451_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4461_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:asr_1000:-:::::::*
	cpe:2.3:h:cisco:asr_1000-esp100:-:::::::*
	cpe:2.3:h:cisco:asr_1000-x:-:::::::*
	cpe:2.3:h:cisco:asr_1000_series:-:::::::*
	cpe:2.3:h:cisco:asr_1000_series_route_processor_\(rp2\):-:::::::*
	cpe:2.3:h:cisco:asr_1000_series_route_processor_\(rp3\):-:::::::*
	cpe:2.3:h:cisco:asr_1001:-:::::::*
	cpe:2.3:h:cisco:asr_1001-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1001-hx_r:-:::::::*
	cpe:2.3:h:cisco:asr_1001-x:-:::::::*
	cpe:2.3:h:cisco:asr_1001-x_r:-:::::::*
	cpe:2.3:h:cisco:asr_1002:-:::::::*
	cpe:2.3:h:cisco:asr_1002-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1002-hx_r:-:::::::*
	cpe:2.3:h:cisco:asr_1002-x:-:::::::*
	cpe:2.3:h:cisco:asr_1002-x_r:-:::::::*
	cpe:2.3:h:cisco:asr_1004:-:::::::*
	cpe:2.3:h:cisco:asr_1006:-:::::::*
	cpe:2.3:h:cisco:asr_1006-x:-:::::::*
	cpe:2.3:h:cisco:asr_1009-x:-:::::::*
	cpe:2.3:h:cisco:asr_1013:-:::::::*
	cpe:2.3:h:cisco:asr_1023:-:::::::*
	cpe:2.3:h:cisco:csr_1000v:-:::::::*

History

22 May 2023, 18:57

Type	Values Removed	Values Added
First Time		Cisco 4321 Integrated Services Router Cisco 4221 Integrated Services Router Cisco 4351 Integrated Services Router Cisco 1101-4p Integrated Services Router Cisco 111x Integrated Services Router Cisco 1100-8p Integrated Services Router Cisco 4451-x Integrated Services Router Cisco 1111x-8p Integrated Services Router Cisco 1109-2p Integrated Services Router Cisco 1100 Integrated Services Router Cisco 4451 Integrated Services Router Cisco 1000 Integrated Services Router Cisco 1101 Integrated Services Router Cisco 1100-4g\/6g Integrated Services Router Cisco 1109-4p Integrated Services Router Cisco 1120 Integrated Services Router Cisco 4331 Integrated Services Router Cisco 4000 Integrated Services Router Cisco 1100-4p Integrated Services Router Cisco 1111x Integrated Services Router Cisco 4461 Integrated Services Router Cisco 1109 Integrated Services Router Cisco 422 Integrated Services Router Cisco 1160 Integrated Services Router Cisco 4431 Integrated Services Router
CPE	cpe:2.3:h:cisco:isr_4461:-:::::::* cpe:2.3:h:cisco:isr_4221:-:::::::* cpe:2.3:h:cisco:isr_4000:-:::::::* cpe:2.3:h:cisco:isr_422:-:::::::* cpe:2.3:h:cisco:isr_1111x:-:::::::* cpe:2.3:h:cisco:isr_4351:-:::::::* cpe:2.3:h:cisco:isr_4451-x:-:::::::* cpe:2.3:h:cisco:isr_1109:-:::::::* cpe:2.3:h:cisco:isr_4331:-:::::::* cpe:2.3:h:cisco:isr_1100-4g\/6g:-:::::::* cpe:2.3:h:cisco:isr_1109-2p:-:::::::* cpe:2.3:h:cisco:isr_4431:-:::::::* cpe:2.3:h:cisco:isr_1160:-:::::::* cpe:2.3:h:cisco:isr_1000:-:::::::* cpe:2.3:h:cisco:isr_1100-8p:-:::::::* cpe:2.3:h:cisco:isr_111x:-:::::::* cpe:2.3:h:cisco:isr_1100:-:::::::* cpe:2.3:h:cisco:isr_1101:-:::::::* cpe:2.3:h:cisco:isr_1101-4p:-:::::::* cpe:2.3:h:cisco:isr_1100-4p:-:::::::* cpe:2.3:h:cisco:isr_1109-4p:-:::::::* cpe:2.3:h:cisco:isr_1111x-8p:-:::::::* cpe:2.3:h:cisco:isr_4451:-:::::::* cpe:2.3:h:cisco:isr_1120:-:::::::* cpe:2.3:h:cisco:isr_4321:-:::::::*	cpe:2.3:h:cisco:1111x_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4321_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4451-x_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4451_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1100-4g\/6g_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4351_integrated_services_router:-:::::::* cpe:2.3:h:cisco:111x_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4000_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4331_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1000_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::* cpe:2.3:h:cisco:422_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4221_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:::::::* cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4461_integrated_services_router:-:::::::* cpe:2.3:h:cisco:4431_integrated_services_router:-:::::::*

13 Oct 2021, 12:58

Type	Values Removed	Values Added
CWE		NVD-CWE-Other
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 6.6 v3 : 6.0
CPE		cpe:2.3:h:cisco:asr_1006-x:-:::::::* cpe:2.3:h:cisco:isr_1100-4g\/6g:-:::::::* cpe:2.3:h:cisco:asr_1000-esp100:-:::::::* cpe:2.3:h:cisco:asr_1002-hx:-:::::::* cpe:2.3:h:cisco:asr_1000_series_route_processor_\(rp2\):-:::::::* cpe:2.3:h:cisco:isr_4351:-:::::::* cpe:2.3:h:cisco:isr_1120:-:::::::* cpe:2.3:h:cisco:isr_4451:-:::::::* cpe:2.3:h:cisco:asr_1002-hx_r:-:::::::* cpe:2.3:h:cisco:asr_1000-x:-:::::::* cpe:2.3:h:cisco:asr_1002-x_r:-:::::::* cpe:2.3:h:cisco:asr_1013:-:::::::* cpe:2.3:h:cisco:asr_1006:-:::::::* cpe:2.3:h:cisco:isr_1000:-:::::::* cpe:2.3:h:cisco:isr_1109-4p:-:::::::* cpe:2.3:h:cisco:isr_4431:-:::::::* cpe:2.3:h:cisco:isr_1111x:-:::::::* cpe:2.3:h:cisco:isr_4331:-:::::::* cpe:2.3:h:cisco:isr_1100:-:::::::* cpe:2.3:h:cisco:asr_1001-hx:-:::::::* cpe:2.3:h:cisco:isr_1160:-:::::::* cpe:2.3:h:cisco:asr_1000_series_route_processor_\(rp3\):-:::::::* cpe:2.3:o:cisco:ios_xe_sd-wan:::::::: cpe:2.3:h:cisco:isr_1101-4p:-:::::::* cpe:2.3:h:cisco:isr_4461:-:::::::* cpe:2.3:h:cisco:isr_1101:-:::::::* cpe:2.3:h:cisco:isr_1109-2p:-:::::::* cpe:2.3:h:cisco:isr_111x:-:::::::* cpe:2.3:h:cisco:asr_1009-x:-:::::::* cpe:2.3:h:cisco:isr_1109:-:::::::* cpe:2.3:h:cisco:asr_1001-hx_r:-:::::::* cpe:2.3:h:cisco:isr_4451-x:-:::::::* cpe:2.3:h:cisco:asr_1001-x:-:::::::* cpe:2.3:h:cisco:asr_1001:-:::::::* cpe:2.3:h:cisco:asr_1000:-:::::::* cpe:2.3:h:cisco:csr_1000v:-:::::::* cpe:2.3:h:cisco:isr_4000:-:::::::* cpe:2.3:h:cisco:asr_1002-x:-:::::::* cpe:2.3:h:cisco:isr_1100-8p:-:::::::* cpe:2.3:h:cisco:asr_1001-x_r:-:::::::* cpe:2.3:h:cisco:isr_1100-4p:-:::::::* cpe:2.3:h:cisco:isr_422:-:::::::* cpe:2.3:h:cisco:isr_1111x-8p:-:::::::* cpe:2.3:h:cisco:isr_4221:-:::::::* cpe:2.3:h:cisco:isr_4321:-:::::::* cpe:2.3:h:cisco:asr_1000_series:-:::::::* cpe:2.3:h:cisco:asr_1023:-:::::::* cpe:2.3:h:cisco:asr_1002:-:::::::* cpe:2.3:h:cisco:asr_1004:-:::::::*
References	~~(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD -~~	(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD - Vendor Advisory

23 Sep 2021, 03:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-09-23 03:15

Updated : 2023-12-10 14:09

NVD link : CVE-2021-34724

Mitre link : CVE-2021-34724

CVE.ORG link : CVE-2021-34724

JSON object : View

Products Affected

cisco

422_integrated_services_router
111x_integrated_services_router
4451_integrated_services_router
4461_integrated_services_router
1000_integrated_services_router
asr_1002-x
4221_integrated_services_router
asr_1000_series
asr_1004
4000_integrated_services_router
1111x_integrated_services_router
4331_integrated_services_router
1100_integrated_services_router
ios_xe_sd-wan
4451-x_integrated_services_router
asr_1002-x_r
4351_integrated_services_router
1109_integrated_services_router
asr_1001
asr_1006-x
asr_1013
4431_integrated_services_router
asr_1000_series_route_processor_\(rp3\)
asr_1000_series_route_processor_\(rp2\)
asr_1002
1100-8p_integrated_services_router
asr_1001-x
asr_1023
1100-4p_integrated_services_router
1100-4g\/6g_integrated_services_router
1101_integrated_services_router
csr_1000v
asr_1002-hx_r
1101-4p_integrated_services_router
1160_integrated_services_router
asr_1000
1109-2p_integrated_services_router
asr_1006
asr_1009-x
asr_1001-hx
asr_1000-esp100
asr_1000-x
1109-4p_integrated_services_router
asr_1001-hx_r
1111x-8p_integrated_services_router
asr_1001-x_r
1120_integrated_services_router
asr_1002-hx
4321_integrated_services_router

CWE

NVD-CWE-Other CWE-284

Improper Access Control

6.0 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

6.6 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact NONE

JSON object

Attach tags to CVE-2021-34724

6.0^/10

6.6^/10

Attach tags to `CVE-2021-34724`