Improper access control in Cisco Access Points
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-1419 |
| CWE-ID | CWE-284 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco Aironet 1540 Series Access Points Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Aironet 1560 Series Access Points Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Aironet 1800 Series Access Points Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Aironet 2800 Series Access Points Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Aironet 3800 Series Access Points Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Catalyst 9100 Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Catalyst IW 6300 Hardware solutions / Routers & switches, VoIP, GSM, etc Integrated Access Point on 1100 Integrated Services Routers Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Catalyst 9800 Wireless Controller Hardware solutions / Routers & switches, VoIP, GSM, etc Aironet 4800 Access Points Other software / Other software solutions Cisco Wireless LAN Controller Hardware solutions / Firmware |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Improper access control
EUVDB-ID: #VU56834
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-1419
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper checking on file operations within the SSH management interface. A local user can bypass implemented security restrictions and gain elevated privileges on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco Aironet 1540 Series Access Points: All versions
Cisco Aironet 1560 Series Access Points: All versions
Cisco Aironet 1800 Series Access Points: All versions
Cisco Aironet 2800 Series Access Points: All versions
Cisco Aironet 3800 Series Access Points: All versions
Aironet 4800 Access Points: All versions
Cisco Catalyst 9100: All versions
Cisco Catalyst IW 6300: All versions
Integrated Access Point on 1100 Integrated Services Routers: All versions
Cisco Wireless LAN Controller: 8.10
Cisco Catalyst 9800 Wireless Controller: 16.12 - 17.4
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
