Details of VAR-202103-0537

ID

VAR-202103-0537

CVE

CVE-2021-1392

TITLE

Cisco IOS and IOS XE Vulnerability regarding inadequate protection of credentials in

Trust: 0.8

sources: JVNDB: JVNDB-2021-004772

DESCRIPTION

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device. Cisco IOS and IOS XE Exists in an inadequate protection of credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Both Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network equipment

Trust: 2.34

sources: NVD: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374446 // VULMON: CVE-2021-1392

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnc4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jbb2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)ea1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja11	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5a\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(7\)e0b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jax	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn15	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jj	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd13	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpc3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf12	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn14	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ji4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ji3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jh	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd16	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e0c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja10	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnd2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)ea	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ji5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)ey2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnp3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnc2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnb5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5be	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf11	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnc	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1xo	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnc3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea10	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2xo	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jbb5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jk1t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(7b\)e0b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svt1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnd	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)eb1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd11	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc14	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)ea	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jk3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpc1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jg1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jk2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e1a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd14	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e5b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e10	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpd	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2b\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jk4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e7b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)ea3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jg	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf13	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e2c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)eb	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnd3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnb6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ji1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnd1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.5e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)eb2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)je	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e5a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jbb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn11	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnb2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnp1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpc5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf10	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd12	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)ea2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ji6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jbb4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e2b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ec2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jh1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jax2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnb3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0xo	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja12	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jbb8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jbb6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jbb6a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd17	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2a\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jj1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jbb1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jax1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ea9a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf12i	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnb1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jk	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jk2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ec1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jc3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpc	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jk1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnc1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1d	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(3\)svs	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(6\)e1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)ey1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn13	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jf7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(7a\)e0b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnb4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jaa	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)ea	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(1\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jd3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpb1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jpc2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)jaz	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e5	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco ios	scope:	eq	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ios	scope:	eq	version:	xe	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-1392
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-1392
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-1392
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202103-1409
value:	HIGH
Trust: 0.6
VULHUB:	VHN-374446
value:	LOW
Trust: 0.1
VULMON:	CVE-2021-1392
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2021-1392
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-374446
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-1392
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2021-1392
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392 // NVD: CVE-2021-1392

PROBLEMTYPE DATA

problemtype:	CWE-522	Trust: 1.1
problemtype:	Inadequate protection of credentials (CWE-522) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-374446 // JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202103-1409

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409

PATCH

title:	cisco-sa-XE-SAP-OPLbze68	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-SAP-OPLbze68	Trust: 0.8
title:	Cisco IOS and IOS XE Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145711	Trust: 0.6
title:	Cisco: Cisco IOS and IOS XE Software Common Industrial Protocol Privilege Escalation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-XE-SAP-OPLbze68	Trust: 0.1

sources: VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202103-1409

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1392	Trust: 2.6
db:	JVN	id:	JVNVU99743643	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-004772	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021042150	Trust: 0.6
db:	ICS CERT	id:	ICSA-21-110-02	Trust: 0.6
db:	CNNVD	id:	CNNVD-202103-1409	Trust: 0.6
db:	VULHUB	id:	VHN-374446	Trust: 0.1
db:	VULMON	id:	CVE-2021-1392	Trust: 0.1

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-xe-sap-oplbze68	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1392	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu99743643/index.html	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-34940	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-110-02	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042150	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/522.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/198743	Trust: 0.1

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392

SOURCES

db:	VULHUB	id:	VHN-374446
db:	VULMON	id:	CVE-2021-1392
db:	JVNDB	id:	JVNDB-2021-004772
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202103-1409
db:	NVD	id:	CVE-2021-1392

LAST UPDATE DATE

2024-08-14T13:16:05.957000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-374446	date:	2021-03-29T00:00:00
db:	VULMON	id:	CVE-2021-1392	date:	2021-03-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-004772	date:	2021-11-29T09:16:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202103-1409	date:	2021-04-22T00:00:00
db:	NVD	id:	CVE-2021-1392	date:	2023-11-07T03:28:11.307

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-374446	date:	2021-03-24T00:00:00
db:	VULMON	id:	CVE-2021-1392	date:	2021-03-24T00:00:00
db:	JVNDB	id:	JVNDB-2021-004772	date:	2021-11-29T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202103-1409	date:	2021-03-24T00:00:00
db:	NVD	id:	CVE-2021-1392	date:	2021-03-24T20:15:14.057