CVE-2021-1383

Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.

CVSS v3.0 6.7 MEDIUM
CVSS v2.0 7.2 HIGH

6.7^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU	Vendor Advisory
https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios_xe:16.9.1:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1:::::::*
	cpe:2.3:o:cisco:ios_xe:16.9.2:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1:::::::*
	cpe:2.3:o:cisco:ios_xe:16.11.1:::::::*
	cpe:2.3:o:cisco:ios_xe:17.1.1:::::::*
	cpe:2.3:o:cisco:ios_xe:16.11.1a:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1c:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1t:::::::*
	cpe:2.3:o:cisco:ios_xe:16.11.2:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1a:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1s:::::::*
	cpe:2.3:o:cisco:ios_xe:16.9.3:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1a:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1b:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1d:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1e:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1f:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1g:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1s:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.2:::::::*
	cpe:2.3:o:cisco:ios_xe:16.11.1b:::::::*
	cpe:2.3:o:cisco:ios_xe:16.11.1c:::::::*
	cpe:2.3:o:cisco:ios_xe:16.11.1s:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1w:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1x:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1y:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.1c:::::::*
	cpe:2.3:o:cisco:ios_xe:16.9.4:::::::*
	cpe:2.3:o:cisco:ios_xe:16.10.3:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1z:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.1za:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.2:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.2a:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.2s:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.2t:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.3:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.3a:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.3s:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.4:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.4a:::::::*
	cpe:2.3:o:cisco:ios_xe:17.1.1a:::::::*
	cpe:2.3:o:cisco:ios_xe:17.1.1s:::::::*
	cpe:2.3:o:cisco:ios_xe:17.1.1t:::::::*
	cpe:2.3:o:cisco:ios_xe:17.1.2:::::::*
	cpe:2.3:o:cisco:ios_xe:17.1.3:::::::*
	cpe:2.3:o:cisco:ios_xe:17.2.1:::::::*
	cpe:2.3:o:cisco:ios_xe:17.2.1a:::::::*
	cpe:2.3:o:cisco:ios_xe:17.2.1r:::::::*
	cpe:2.3:o:cisco:ios_xe:17.2.1v:::::::*
	cpe:2.3:o:cisco:ios_xe:17.2.2:::::::*
	cpe:2.3:o:cisco:ios_xe:17.3.1:::::::*
	cpe:2.3:o:cisco:ios_xe:17.3.1a:::::::*
	cpe:2.3:o:cisco:ios_xe:17.3.1w:::::::*
	cpe:2.3:o:cisco:ios_xe:17.3.1x:::::::*
	cpe:2.3:o:cisco:ios_xe:17.3.2:::::::*
	cpe:2.3:o:cisco:ios_xe:17.3.2a:::::::*
	cpe:2.3:o:cisco:ios_xe:17.4.1:::::::*
	cpe:2.3:o:cisco:ios_xe:17.4.1a:::::::*
	cpe:2.3:o:cisco:ios_xe_sd-wan::::::::
	cpe:2.3:o:cisco:ios_xe:16.12.1z1:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.5:::::::*
	cpe:2.3:o:cisco:ios_xe:16.12.5b:::::::*

Information

Published : 2021-03-24 13:15

Updated : 2022-09-20 10:03

NVD link : CVE-2021-1383

Mitre link : CVE-2021-1383

JSON object : View

CWE

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Products Affected

cisco

ios_xe_sd-wan
ios_xe

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU", "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r", "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r", "tags": ["Exploit", "Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-88"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-1383", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "acInsufInfo": false, "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}}, "publishedDate": "2021-03-24T20:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1za:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.1z1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.12.5b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-09-20T17:03Z"}

6.7 /10