Improper access control in Cisco Systems, Inc products - CVE-2021-1419
Published: September 23, 2021
Vulnerability identifier: #VU56834
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-1419
CWE-ID: CWE-284
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Aironet 1540 Series Access Points
Cisco Aironet 1560 Series Access Points
Cisco Aironet 1800 Series Access Points
Cisco Aironet 2800 Series Access Points
Cisco Aironet 3800 Series Access Points
Cisco Catalyst 9100
Cisco Catalyst IW 6300
Integrated Access Point on 1100 Integrated Services Routers
Cisco Catalyst 9800 Wireless Controller
Aironet 4800 Access Points
Cisco Wireless LAN Controller
Cisco Aironet 1540 Series Access Points
Cisco Aironet 1560 Series Access Points
Cisco Aironet 1800 Series Access Points
Cisco Aironet 2800 Series Access Points
Cisco Aironet 3800 Series Access Points
Cisco Catalyst 9100
Cisco Catalyst IW 6300
Integrated Access Point on 1100 Integrated Services Routers
Cisco Catalyst 9800 Wireless Controller
Aironet 4800 Access Points
Cisco Wireless LAN Controller
Detailed vulnerability description
The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper checking on file operations within the SSH management interface. A local user can bypass implemented security restrictions and gain elevated privileges on the system.
How to mitigate CVE-2021-1419
Install updates from vendor's website.