9.8
CRITICAL
CVE-2021-1361
Cisco Nexus File Management Service Remote File Manipulation Vulnerability
Description

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.

INFO

Published Date :

Feb. 24, 2021, 8:15 p.m.

Last Modified :

Nov. 21, 2024, 5:44 a.m.

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2021-1361 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Cisco nx-os
2 Cisco nexus_3000
3 Cisco nexus_3100
4 Cisco nexus_3100-z
5 Cisco nexus_3100v
6 Cisco nexus_3200
7 Cisco nexus_3400
8 Cisco nexus_3500
9 Cisco nexus_3600
10 Cisco nexus_9000v
11 Cisco nexus_92160yc-x
12 Cisco nexus_92300yc
13 Cisco nexus_92304qc
14 Cisco nexus_92348gc-x
15 Cisco nexus_9236c
16 Cisco nexus_9272q
17 Cisco nexus_93108tc-ex
18 Cisco nexus_93108tc-ex-24
19 Cisco nexus_93108tc-fx
20 Cisco nexus_93108tc-fx-24
21 Cisco nexus_93120tx
22 Cisco nexus_93128tx
23 Cisco nexus_9316d-gx
24 Cisco nexus_93180lc-ex
25 Cisco nexus_93180yc-ex
26 Cisco nexus_93180yc-ex-24
27 Cisco nexus_93180yc-fx
28 Cisco nexus_93180yc-fx-24
29 Cisco nexus_93180yc-fx3
30 Cisco nexus_93180yc-fx3s
31 Cisco nexus_93216tc-fx2
32 Cisco nexus_93240yc-fx2
33 Cisco nexus_9332c
34 Cisco nexus_9332pq
35 Cisco nexus_93360yc-fx2
36 Cisco nexus_9336c-fx2
37 Cisco nexus_9336c-fx2-e
38 Cisco nexus_9336pq_aci_spine
39 Cisco nexus_9348gc-fxp
40 Cisco nexus_93600cd-gx
41 Cisco nexus_9364c
42 Cisco nexus_9364c-gx
43 Cisco nexus_9372px
44 Cisco nexus_9372px-e
45 Cisco nexus_9372tx
46 Cisco nexus_9372tx-e
47 Cisco nexus_9396px
48 Cisco nexus_9396tx
49 Cisco nexus_9508
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2021-1361.

URL Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2021-1361 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2021-1361 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Nov. 07, 2023

    Action Type Old Value New Value
    Removed CVSS V3 Cisco Systems, Inc. AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added CVSS V3.1 Cisco Systems, Inc. AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Reanalysis by [email protected]

    Mar. 05, 2021

    Action Type Old Value New Value
    Removed CVSS V2 NIST (AV:N/AC:L/Au:N/C:N/I:P/A:P)
    Added CVSS V2 NIST (AV:N/AC:L/Au:N/C:N/I:C/A:C)
  • Initial Analysis by [email protected]

    Mar. 05, 2021

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:N/AC:L/Au:N/C:N/I:P/A:P)
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
    Changed Reference Type https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 No Types Assigned https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2 Vendor Advisory
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:nx-os:9.3\(5\):*:*:*:*:*:*:* *cpe:2.3:o:cisco:nx-os:9.3\(6\):*:*:*:*:*:*:* OR cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2021-1361 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2021-1361 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.19 }} 0.02%

score

0.55691

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability