ID

VAR-202103-0537


CVE

CVE-2021-1392


TITLE

Cisco IOS  and  IOS XE  Vulnerability regarding inadequate protection of credentials in

Trust: 0.8

sources: JVNDB: JVNDB-2021-004772

DESCRIPTION

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device. Cisco IOS and IOS XE Exists in an inadequate protection of credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Both Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network equipment

Trust: 2.34

sources: NVD: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374446 // VULMON: CVE-2021-1392

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5a\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7\)e0b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn15

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jj

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd13

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf12

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn14

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jh

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd16

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e0c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.5be

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.1xo

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.2xo

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk1t

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7b\)e0b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.1\(3\)svt1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2t

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc14

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jg1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd14

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd6

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpd

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2b\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e7b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jg

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf13

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)e5a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.4e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.5e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)je

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e0a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd12

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ec2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jh1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.0xo

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja12

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb6a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd17

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2a\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jj1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea9a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf12i

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk2a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ec1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1d

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.1\(3\)svs

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1t

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn13

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7a\)e0b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jaa

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(1\)ey

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpb1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)jaz

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e5

Trust: 1.0

vendor:シスコシステムズmodel:cisco iosscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:eqversion:xe

Trust: 0.8

vendor:シスコシステムズmodel:cisco ios xescope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1392
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1392
value: HIGH

Trust: 1.0

NVD: CVE-2021-1392
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202103-1409
value: HIGH

Trust: 0.6

VULHUB: VHN-374446
value: LOW

Trust: 0.1

VULMON: CVE-2021-1392
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-1392
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-374446
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1392
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-1392
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392 // NVD: CVE-2021-1392

PROBLEMTYPE DATA

problemtype:CWE-522

Trust: 1.1

problemtype:Inadequate protection of credentials (CWE-522) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-374446 // JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202103-1409

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409

PATCH

title:cisco-sa-XE-SAP-OPLbze68url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-SAP-OPLbze68

Trust: 0.8

title:Cisco IOS and IOS XE Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145711

Trust: 0.6

title:Cisco: Cisco IOS and IOS XE Software Common Industrial Protocol Privilege Escalation Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-XE-SAP-OPLbze68

Trust: 0.1

sources: VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202103-1409

EXTERNAL IDS

db:NVDid:CVE-2021-1392

Trust: 2.6

db:JVNid:JVNVU99743643

Trust: 0.8

db:JVNDBid:JVNDB-2021-004772

Trust: 0.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021042150

Trust: 0.6

db:ICS CERTid:ICSA-21-110-02

Trust: 0.6

db:CNNVDid:CNNVD-202103-1409

Trust: 0.6

db:VULHUBid:VHN-374446

Trust: 0.1

db:VULMONid:CVE-2021-1392

Trust: 0.1

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-xe-sap-oplbze68

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2021-1392

Trust: 1.4

url:https://jvn.jp/vu/jvnvu99743643/index.html

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-34940

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-110-02

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042150

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/522.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/198743

Trust: 0.1

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392

SOURCES

db:VULHUBid:VHN-374446
db:VULMONid:CVE-2021-1392
db:JVNDBid:JVNDB-2021-004772
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202103-1409
db:NVDid:CVE-2021-1392

LAST UPDATE DATE

2024-08-14T13:16:05.957000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-374446date:2021-03-29T00:00:00
db:VULMONid:CVE-2021-1392date:2021-03-29T00:00:00
db:JVNDBid:JVNDB-2021-004772date:2021-11-29T09:16:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202103-1409date:2021-04-22T00:00:00
db:NVDid:CVE-2021-1392date:2023-11-07T03:28:11.307

SOURCES RELEASE DATE

db:VULHUBid:VHN-374446date:2021-03-24T00:00:00
db:VULMONid:CVE-2021-1392date:2021-03-24T00:00:00
db:JVNDBid:JVNDB-2021-004772date:2021-11-29T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202103-1409date:2021-03-24T00:00:00
db:NVDid:CVE-2021-1392date:2021-03-24T20:15:14.057