CVE-2021-1371 : A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software

A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges.

Published 2021-03-24 21:15:12

Updated 2023-05-22 18:57:25

Source Cisco Systems, Inc.

View at NVD, CVE.org

Products affected by CVE-2021-1371

Cisco » Ios Xe Sd-wan » Version: 17.2.0
cpe:2.3:o:cisco:ios_xe_sd-wan:17.2.0:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Cloud Services Router 1000v » Version: N/A
When used together with: Cisco » 1100 Integrated Services Router » Version: N/A
When used together with: Cisco » 1101 Integrated Services Router » Version: N/A
When used together with: Cisco » 1109 Integrated Services Router » Version: N/A
When used together with: Cisco » 1111x Integrated Services Router » Version: N/A
When used together with: Cisco » 111x Integrated Services Router » Version: N/A
When used together with: Cisco » 1120 Integrated Services Router » Version: N/A
When used together with: Cisco » 1160 Integrated Services Router » Version: N/A
When used together with: Cisco » 4221 Integrated Services Router » Version: N/A
When used together with: Cisco » 4321 Integrated Services Router » Version: N/A
When used together with: Cisco » 4331 Integrated Services Router » Version: N/A
When used together with: Cisco » 4351 Integrated Services Router » Version: N/A
When used together with: Cisco » 4431 Integrated Services Router » Version: N/A
When used together with: Cisco » 4451 Integrated Services Router » Version: N/A
When used together with: Cisco » 4461 Integrated Services Router » Version: N/A
When used together with: Cisco » Asr 1000 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-1371

EPSS FAQ

0.03%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 5 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-1371

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
6.6	MEDIUM	CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	0.7	5.9	Cisco Systems, Inc.
Attack Vector: Physical Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
6.6	MEDIUM	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	0.7	5.9	NIST
Attack Vector: Physical Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-1371

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Assigned by: ykramarz@cisco.com (Primary)

References for CVE-2021-1371

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9

Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability
Vendor Advisory

Jump to

Vulnerability Details : CVE-2021-1371

Products affected by CVE-2021-1371

Exploit prediction scoring system (EPSS) score for CVE-2021-1371

CVSS scores for CVE-2021-1371

CWE ids for CVE-2021-1371

References for CVE-2021-1371