7.8
HIGH
CVE-2021-1419
Cisco Access Points SSH File Modification Privilege Escalation Vulnerability
Description

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.

INFO

Published Date :

Sept. 23, 2021, 3:15 a.m.

Last Modified :

Nov. 21, 2024, 5:44 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

1.8
Affected Products

The following products are affected by CVE-2021-1419 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Cisco aironet_1542i_firmware
2 Cisco aironet_1542d_firmware
3 Cisco aironet_1562i_firmware
4 Cisco aironet_1562e_firmware
5 Cisco aironet_1562d_firmware
6 Cisco aironet_2800i_firmware
7 Cisco aironet_2800e_firmware
8 Cisco aironet_3800i_firmware
9 Cisco aironet_3800e_firmware
10 Cisco aironet_3800p_firmware
11 Cisco aironet_4800_firmware
12 Cisco wireless_lan_controller_software
13 Cisco aironet_1815m_firmware
14 Cisco aironet_1830e_firmware
15 Cisco aironet_1840i_firmware
16 Cisco aironet_1850e_firmware
17 Cisco catalyst_9105axi_firmware
18 Cisco catalyst_9115axe_firmware
19 Cisco catalyst_9117_firmware
20 Cisco catalyst_9120axi_firmware
21 Cisco catalyst_9124axd_firmware
22 Cisco catalyst_9130axe_firmware
23 Cisco catalyst_iw6300_ac_firmware
24 Cisco esw6300_firmware
25 Cisco 1100-8p_firmware
26 Cisco 1120_firmware
27 Cisco 1160_firmware
28 Cisco catalyst_9800_firmware
29 Cisco aironet_1815w_firmware
30 Cisco aironet_1815t_firmware
31 Cisco aironet_1815i_firmware
32 Cisco aironet_1830i_firmware
33 Cisco aironet_1850i_firmware
34 Cisco catalyst_9105axw_firmware
35 Cisco catalyst_9115axi_firmware
36 Cisco catalyst_9120axp_firmware
37 Cisco catalyst_9120axe_firmware
38 Cisco catalyst_9124axi_firmware
39 Cisco catalyst_9130axi_firmware
40 Cisco catalyst_iw6300_dc_firmware
41 Cisco catalyst_iw6300_dcw_firmware
42 Cisco 1160_integrated_services_router
43 Cisco catalyst_9800-40
44 Cisco catalyst_9800-80
45 Cisco catalyst_9800-cl
46 Cisco catalyst_9800-l
47 Cisco 1100-8p
48 Cisco 1120
49 Cisco aironet_1830e
50 Cisco aironet_1830i
51 Cisco aironet_1850e
52 Cisco aironet_1850i
53 Cisco aironet_1815i
54 Cisco aironet_2800e
55 Cisco aironet_2800i
56 Cisco aironet_3800e
57 Cisco aironet_3800i
58 Cisco aironet_3800p
59 Cisco aironet_1562d
60 Cisco aironet_1562e
61 Cisco aironet_1562i
62 Cisco aironet_4800
63 Cisco aironet_1542d
64 Cisco aironet_1542i
65 Cisco esw6300
66 Cisco catalyst_9105axi
67 Cisco catalyst_9105axw
68 Cisco catalyst_9115axe
69 Cisco catalyst_9115axi
70 Cisco catalyst_9117axi
71 Cisco catalyst_9120axe
72 Cisco catalyst_9120axi
73 Cisco catalyst_9120axp
74 Cisco catalyst_9124axd
75 Cisco catalyst_9124axi
76 Cisco catalyst_9130axe
77 Cisco catalyst_9130axi
78 Cisco catalyst_iw6300_ac
79 Cisco catalyst_iw6300_dc
80 Cisco catalyst_iw6300_dcw
81 Cisco aironet_1815m
82 Cisco aironet_1840i
83 Cisco aironet_1815w
84 Cisco aironet_1815t
: Total Affected Vendor : 1 | Products : 84
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2021-1419.

URL Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv Patch Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv Patch Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2021-1419 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2021-1419 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Nov. 07, 2023

    Action Type Old Value New Value
    Removed CVSS V3 Cisco Systems, Inc. AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Added CVSS V3.1 Cisco Systems, Inc. AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Reanalysis by [email protected]

    Oct. 03, 2023

    Action Type Old Value New Value
    Changed CPE Configuration AND OR *cpe:2.3:o:cisco:esw-6300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:esw-6300:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:cisco:esw6300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*
    Changed CPE Configuration AND OR *cpe:2.3:o:cisco:1160_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:1160:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:cisco:1160_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*
  • Reanalysis by [email protected]

    Jul. 08, 2022

    Action Type Old Value New Value
    Removed CWE NIST CWE-269
    Added CWE NIST NVD-CWE-Other
  • Initial Analysis by [email protected]

    Sep. 30, 2021

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:L/AC:L/Au:N/C:C/I:C/A:C)
    Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv No Types Assigned https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv Patch, Vendor Advisory
    Added CWE NIST CWE-269
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1562d_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1815m_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1830e_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1840i_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1840i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1850e_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_2800i_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_3800p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_4800_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9105axi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9115axe_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9117_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9120axi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9124axd_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9130axe_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_iw6300_ac_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:esw-6300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:esw-6300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:1100-8p_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:1120_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:1120:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:1160_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:1160:-:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:* versions from (including) 8.10 up to (excluding) 8.10.151.0
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:* versions from (including) 16.12 up to (excluding) 16.12.6 *cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:* versions from (including) 17.3 up to (excluding) 17.3.3 *cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1542i_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:* versions from (including) 16.12 up to (excluding) 16.12.6 *cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:* versions from (including) 17.3 up to (excluding) 17.3.3 *cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:* versions from (including) 16.12 up to (excluding) 16.12.6 *cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:* versions from (including) 17.3 up to (excluding) 17.3.3 *cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:* versions from (including) 16.12 up to (excluding) 16.12.6 *cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:* versions from (including) 17.3 up to (excluding) 17.3.3 *cpe:2.3:o:cisco:catalyst_9800_firmware:17.4:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1562e_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1562i_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1815w_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1815t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1815i_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1830i_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1830i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_1850i_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_2800e_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_3800i_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:aironet_3800e_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9105axw_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9115axi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9120axp_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9120axe_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9124axi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_9130axi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_iw6300_dc_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:cisco:catalyst_iw6300_dcw_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2021-1419 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2021-1419 weaknesses.

CAPEC-19: Embedding Scripts within Scripts Embedding Scripts within Scripts CAPEC-441: Malicious Logic Insertion Malicious Logic Insertion CAPEC-478: Modification of Windows Service Configuration Modification of Windows Service Configuration CAPEC-479: Malicious Root Certificate Malicious Root Certificate CAPEC-502: Intent Spoof Intent Spoof CAPEC-503: WebView Exposure WebView Exposure CAPEC-536: Data Injected During Configuration Data Injected During Configuration CAPEC-546: Incomplete Data Deletion in a Multi-Tenant Environment Incomplete Data Deletion in a Multi-Tenant Environment CAPEC-550: Install New Service Install New Service CAPEC-551: Modify Existing Service Modify Existing Service CAPEC-552: Install Rootkit Install Rootkit CAPEC-556: Replace File Extension Handlers Replace File Extension Handlers CAPEC-558: Replace Trusted Executable Replace Trusted Executable CAPEC-562: Modify Shared File Modify Shared File CAPEC-563: Add Malicious File to Shared Webroot Add Malicious File to Shared Webroot CAPEC-564: Run Software at Logon Run Software at Logon CAPEC-578: Disable Security Software Disable Security Software
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.04 }} 0.00%

score

0.05635

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: