ID

VAR-202103-0763


CVE

CVE-2021-1453


TITLE

Digital Signature Verification Vulnerability in Cisco IOS XE

Trust: 0.8

sources: JVNDB: JVNDB-2021-004757

DESCRIPTION

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code function that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful exploit could allow the attacker to boot a malicious software image or execute unsigned code and bypass the image verification check that is part of the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated physical access to the device or obtain privileged access to the root shell on the device. Cisco IOS XE contains a digital signature verification vulnerability. Information may be obtained or tampered with, and the device may be put into a denial-of-service (DoS) state. Cisco Catalyst 9000 is a switch from Cisco.

Trust: 1.8

sources: NVD: CVE-2021-1453 // JVNDB: JVNDB-2021-004757 // VULHUB: VHN-374507 // VULMON: CVE-2021-1453

AFFECTED PRODUCTS

vendor: cisco, model: ios xe, scope: eq, version: 17.2.1a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.2

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.3a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.3.2

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.4

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.1.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.3.2a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.5

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.4a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.2

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.3

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.4

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.1.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.4s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.6

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.3.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.6

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 3.15.1xbs

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.2

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.3s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.7.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.8.1a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.2.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1c

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.2s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1b

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.2t

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.2s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.2.3

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.5

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.4.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.1.2

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.7

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.8.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 3.15.2xbs

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.4a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.3

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 17.1.1t

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.8.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1e

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.9.2

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.4

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1c

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.6.8

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.3

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.3s

Trust: 1.0

vendor: Cisco Systems, model: cisco ios xe, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco ios xe, scope: eq, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-004757 // NVD: CVE-2021-1453

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1453
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1453
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-1453
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202103-1391
value: MEDIUM

Trust: 0.6

VULHUB: VHN-374507
value: HIGH

Trust: 0.1

VULMON: CVE-2021-1453
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-1453
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-374507
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1453
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-1453
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-374507 // VULMON: CVE-2021-1453 // JVNDB: JVNDB-2021-004757 // CNNVD: CNNVD-202103-1391 // NVD: CVE-2021-1453 // NVD: CVE-2021-1453

PROBLEMTYPE DATA

problemtype: CWE-347

Trust: 1.1

problemtype: Improper verification of digital signatures (CWE-347) [Other]

Trust: 0.8

sources: VULHUB: VHN-374507 // JVNDB: JVNDB-2021-004757 // NVD: CVE-2021-1453

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-202103-1391

PATCH

title: cisco-sa-ios-xe-cat-verify-BQ5hrXgH, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cat-verify-BQ5hrXgH

Trust: 0.8

title: Cisco Catalyst 9000 Repair measures for data forgery vulnerability, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145696

Trust: 0.6

title: Cisco: Cisco IOS XE Software for the Catalyst 9000 Family Arbitrary Code Execution Vulnerability, url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ios-xe-cat-verify-BQ5hrXgH

Trust: 0.1

sources: VULMON: CVE-2021-1453 // JVNDB: JVNDB-2021-004757 // CNNVD: CNNVD-202103-1391

EXTERNAL IDS

db: NVD, id: CVE-2021-1453

Trust: 2.6

db: JVNDB, id: JVNDB-2021-004757

Trust: 0.8

db: CNNVD, id: CNNVD-202103-1391

Trust: 0.6

db: VULHUB, id: VHN-374507

Trust: 0.1

db: VULMON, id: CVE-2021-1453

Trust: 0.1

sources: VULHUB: VHN-374507 // VULMON: CVE-2021-1453 // JVNDB: JVNDB-2021-004757 // CNNVD: CNNVD-202103-1391 // NVD: CVE-2021-1453

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ios-xe-cat-verify-bq5hrxgh

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2021-1453

Trust: 1.4

url:https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-34940

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/347.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/198735

Trust: 0.1

sources: VULHUB: VHN-374507 // VULMON: CVE-2021-1453 // JVNDB: JVNDB-2021-004757 // CNNVD: CNNVD-202103-1391 // NVD: CVE-2021-1453

SOURCES

db: VULHUB, id: VHN-374507
db: VULMON, id: CVE-2021-1453
db: JVNDB, id: JVNDB-2021-004757
db: CNNVD, id: CNNVD-202103-1391
db: NVD, id: CVE-2021-1453

LAST UPDATE DATE

2024-08-14T15:22:21.833000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-374507, date: 2021-03-29T00:00:00
db: VULMON, id: CVE-2021-1453, date: 2021-03-29T00:00:00
db: JVNDB, id: JVNDB-2021-004757, date: 2021-11-29T09:16:00
db: CNNVD, id: CNNVD-202103-1391, date: 2021-03-30T00:00:00
db: NVD, id: CVE-2021-1453, date: 2023-11-07T03:28:20.920

SOURCES RELEASE DATE

db: VULHUB, id: VHN-374507, date: 2021-03-24T00:00:00
db: VULMON, id: CVE-2021-1453, date: 2021-03-24T00:00:00
db: JVNDB, id: JVNDB-2021-004757, date: 2021-11-29T00:00:00
db: CNNVD, id: CNNVD-202103-1391, date: 2021-03-24T00:00:00
db: NVD, id: CVE-2021-1453, date: 2021-03-24T20:15:15.623