ID

VAR-202103-0537


CVE

CVE-2021-1392


TITLE

Cisco IOS  and  IOS XE  Vulnerability regarding inadequate protection of credentials in

Trust: 0.8

sources: JVNDB: JVNDB-2021-004772

DESCRIPTION

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device. Cisco IOS and IOS XE Exists in an inadequate protection of credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Both Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network equipment

Trust: 2.34

sources: NVD: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374446 // VULMON: CVE-2021-1392

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:17.2.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e7

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd17

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.1xo

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.0xo

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn14

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.1\(3\)svs

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jj

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.5be

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.4e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2a\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd12

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn15

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpd

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ec2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd13

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc14

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1t

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2b\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jj1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jg

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5a\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jh1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd16

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb6a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1d

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.5e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e7b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7\)e0b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jaa

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ec1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e0c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2t

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf12

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7a\)e0b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn13

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk2a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk1t

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7b\)e0b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf13

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)e5a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf12i

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e0a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.1\(3\)svt1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.2xo

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd14

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jg1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea9a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(1\)ey

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jh

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)je

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja12

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)jaz

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc1

Trust: 1.0

vendor:シスコシステムズmodel:cisco iosscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:eqversion:xe

Trust: 0.8

vendor:シスコシステムズmodel:cisco ios xescope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1392
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1392
value: HIGH

Trust: 1.0

NVD: CVE-2021-1392
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202103-1409
value: HIGH

Trust: 0.6

VULHUB: VHN-374446
value: LOW

Trust: 0.1

VULMON: CVE-2021-1392
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-1392
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-374446
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1392
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-1392
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392 // NVD: CVE-2021-1392

PROBLEMTYPE DATA

problemtype:CWE-522

Trust: 1.1

problemtype:Inadequate protection of credentials (CWE-522) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-374446 // JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202103-1409

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409

PATCH

title:cisco-sa-XE-SAP-OPLbze68url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-SAP-OPLbze68

Trust: 0.8

title:Cisco IOS and IOS XE Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145711

Trust: 0.6

title:Cisco: Cisco IOS and IOS XE Software Common Industrial Protocol Privilege Escalation Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-XE-SAP-OPLbze68

Trust: 0.1

sources: VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202103-1409

EXTERNAL IDS

db:NVDid:CVE-2021-1392

Trust: 2.6

db:JVNid:JVNVU99743643

Trust: 0.8

db:JVNDBid:JVNDB-2021-004772

Trust: 0.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021042150

Trust: 0.6

db:ICS CERTid:ICSA-21-110-02

Trust: 0.6

db:CNNVDid:CNNVD-202103-1409

Trust: 0.6

db:VULHUBid:VHN-374446

Trust: 0.1

db:VULMONid:CVE-2021-1392

Trust: 0.1

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-xe-sap-oplbze68

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2021-1392

Trust: 1.4

url:https://jvn.jp/vu/jvnvu99743643/index.html

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-34940

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-110-02

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042150

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/522.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/198743

Trust: 0.1

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // NVD: CVE-2021-1392

SOURCES

db:VULHUBid:VHN-374446
db:VULMONid:CVE-2021-1392
db:JVNDBid:JVNDB-2021-004772
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202103-1409
db:NVDid:CVE-2021-1392

LAST UPDATE DATE

2024-11-23T21:19:00.334000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-374446date:2021-03-29T00:00:00
db:VULMONid:CVE-2021-1392date:2021-03-29T00:00:00
db:JVNDBid:JVNDB-2021-004772date:2021-11-29T09:16:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202103-1409date:2021-04-22T00:00:00
db:NVDid:CVE-2021-1392date:2024-11-21T05:44:14.933

SOURCES RELEASE DATE

db:VULHUBid:VHN-374446date:2021-03-24T00:00:00
db:VULMONid:CVE-2021-1392date:2021-03-24T00:00:00
db:JVNDBid:JVNDB-2021-004772date:2021-11-29T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202103-1409date:2021-03-24T00:00:00
db:NVDid:CVE-2021-1392date:2021-03-24T20:15:14.057