7.2
CVSSv2

CVE-2021-1419

Published: 23/09/2021 Updated: 30/09/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the malicious user to gain privileges equivalent to the root user.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco aironet_1542d_firmware -

cisco aironet_1562d_firmware -

cisco aironet_1815m_firmware -

cisco aironet_1830e_firmware -

cisco aironet_1840i_firmware -

cisco aironet_1850e_firmware -

cisco aironet_2800i_firmware -

cisco aironet_3800p_firmware -

cisco aironet_4800_firmware -

cisco catalyst_9105axi_firmware -

cisco catalyst_9115axe_firmware -

cisco catalyst_9117_firmware -

cisco catalyst_9120axi_firmware -

cisco catalyst_9124axd_firmware -

cisco catalyst_9130axe_firmware -

cisco catalyst_iw6300_ac_firmware -

cisco esw-6300_firmware -

cisco 1100-8p_firmware -

cisco 1120_firmware -

cisco 1160_firmware -

cisco wireless lan controller software

cisco catalyst_9800_firmware

cisco catalyst_9800_firmware 17.4

cisco aironet_1542i_firmware -

cisco aironet_1562e_firmware -

cisco aironet_1562i_firmware -

cisco aironet_1815w_firmware -

cisco aironet_1815t_firmware -

cisco aironet_1815i_firmware -

cisco aironet_1830i_firmware -

cisco aironet_1850i_firmware -

cisco aironet_2800e_firmware -

cisco aironet_3800i_firmware -

cisco aironet_3800e_firmware -

cisco catalyst_9105axw_firmware -

cisco catalyst_9115axi_firmware -

cisco catalyst_9120axp_firmware -

cisco catalyst_9120axe_firmware -

cisco catalyst_9124axi_firmware -

cisco catalyst_9130axi_firmware -

cisco catalyst_iw6300_dc_firmware -

cisco catalyst_iw6300_dcw_firmware -

Vendor Advisories

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges The vulnerability is due to improper checking on file operations within the SSH management interface A network administrator user could ...