Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 8 |
CVE-ID | CVE-2021-1392 CVE-2021-1403 CVE-2021-1352 CVE-2021-1442 CVE-2021-1452 CVE-2021-1443 CVE-2021-1220 CVE-2021-1356 |
CWE-ID | CWE-522 CWE-345 CWE-823 CWE-532 CWE-78 CWE-400 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
Allen-Bradley Stratix 5400 Industrial Ethernet Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Allen-Bradley Stratix 5410 Industrial Distribution Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Stratix 5800 Hardware solutions / Routers & switches, VoIP, GSM, etc |
Vendor | Rockwell Automation |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
EUVDB-ID: #VU51768
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1392
CWE-ID:
CWE-522 - Insufficiently Protected Credentials
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to incorrect permissions are associated with the show cip security CLI command. A local user can use a specially crafted command to retrieve the password for CIP and reconfigure the device.
MitigationInstall updates from vendor's website.
Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(7)E3
Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(7)E3
Stratix 5800: 16.12.01
CPE2.3http://ics-cert.us-cert.gov/advisories/icsa-21-110-02
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU51707
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-1403
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists in the web UI feature of Cisco IOS XE Software. A remote attacker can conduct a cross-site WebSocket hijacking (CSWSH) attack and cause denial of service.
Install updates from vendor's website.
Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(7)E3
Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(7)E3
Stratix 5800: 16.12.01
CPE2.3http://ics-cert.us-cert.gov/advisories/icsa-21-110-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU51708
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-1352
CWE-ID:
CWE-823 - Use of Out-of-range Pointer Offset
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the DECnet Phase IV and DECnet/OSI protocol. A remote attacker on the local network can send specially crafted DECnet traffic to the affected device and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(7)E3
Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(7)E3
Stratix 5800: 16.12.01
CPE2.3http://ics-cert.us-cert.gov/advisories/icsa-21-110-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU51704
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1442
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software. A local low-privileged user can run the diagnostic CLI show pnp profile when a specific PnP listener is enabled on the device and obtain a privileged authentication token. This token can be used to send crafted PnP messages and execute privileged commands on the targeted system.
MitigationInstall updates from vendor's website.
Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(7)E3
Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(7)E3
Stratix 5800: 16.12.01
CPE2.3http://ics-cert.us-cert.gov/advisories/icsa-21-110-02
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU51709
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1452
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists in ROM Monitor (ROMMON) due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set.An attacker with physical access to the system can execute unsigned code at system boot time.
MitigationInstall updates from vendor's website.
Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(7)E3
Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(7)E3
Stratix 5800: 16.12.01
CPE2.3http://ics-cert.us-cert.gov/advisories/icsa-21-110-02
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU51780
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1443
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the web UI. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(7)E3
Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(7)E3
Stratix 5800: 16.12.01
CPE2.3http://ics-cert.us-cert.gov/advisories/icsa-21-110-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU51725
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1220
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the web UI of Cisco IOS XE Software. A remote authenticated user can send specially crafted HTTP request to the web UI and cause the web management software to hang and consume all available vty lines, preventing new session establishment.
MitigationInstall updates from vendor's website.
Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(7)E3
Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(7)E3
Stratix 5800: 16.12.01
CPE2.3http://ics-cert.us-cert.gov/advisories/icsa-21-110-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU51726
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-1356
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within the web UI of Cisco IOS XE Software. A remote authenticated user can send specially crafted HTTP requests to the web UI and cause the web management software to hang and consume all available vty lines, preventing new session establishment.
MitigationInstall updates from vendor's website.
Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(7)E3
Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(7)E3
Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(7)E3
Stratix 5800: 16.12.01
CPE2.3http://ics-cert.us-cert.gov/advisories/icsa-21-110-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.