Details of VAR-202107-1554

ID

VAR-202107-1554

CVE

CVE-2021-1359

TITLE

Pillow Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

DESCRIPTION

A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Cisco Web Security Appliance (WSA) is a web security appliance of Cisco (Cisco). The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy formulation

Trust: 1.62

sources: NVD: CVE-2021-1359 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374413 // VULMON: CVE-2021-1359

AFFECTED PRODUCTS

vendor:	cisco	model:	web security appliance	scope:	eq	version:	11.8.0-429	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	12.5.2	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	11.8.0-453	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	gte	version:	12.5.0	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	gte	version:	11.8.0	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	12.0.3-005	Trust: 1.0

sources: NVD: CVE-2021-1359

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-1359
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-1359
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202107-380
value:	HIGH
Trust: 0.6
VULHUB:	VHN-374413
value:	HIGH
Trust: 0.1
VULMON:	CVE-2021-1359
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-1359
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-374413
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-1359
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-1359
baseSeverity:	MEDIUM
baseScore:	6.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.8
impactScore:	3.4
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-374413 // VULMON: CVE-2021-1359 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-380 // NVD: CVE-2021-1359 // NVD: CVE-2021-1359

PROBLEMTYPE DATA

problemtype:	CWE-112	Trust: 1.0
problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-74	Trust: 0.1

sources: VULHUB: VHN-374413 // NVD: CVE-2021-1359

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202107-380

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-380

PATCH

title:	Cisco Web Security Appliance Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=156215	Trust: 0.6
title:	Cisco: Cisco Web Security Appliance Privilege Escalation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-scr-web-priv-esc-k3HCGJZ	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-bpa-wsa-bugs-cyberattacks/167654/	Trust: 0.1

sources: VULMON: CVE-2021-1359 // CNNVD: CNNVD-202107-380

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1359	Trust: 1.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2332.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2332	Trust: 0.6
db:	CS-HELP	id:	SB2021070810	Trust: 0.6
db:	CNNVD	id:	CNNVD-202107-380	Trust: 0.6
db:	VULHUB	id:	VHN-374413	Trust: 0.1
db:	VULMON	id:	CVE-2021-1359	Trust: 0.1

sources: VULHUB: VHN-374413 // VULMON: CVE-2021-1359 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-380 // NVD: CVE-2021-1359

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-scr-web-priv-esc-k3hcgjz	Trust: 2.5
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2332	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-web-security-appliance-shell-command-injection-via-an-xml-file-35835	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021070810	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2332.2	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1359	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/74.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/cisco-bpa-wsa-bugs-cyberattacks/167654/	Trust: 0.1

sources: VULHUB: VHN-374413 // VULMON: CVE-2021-1359 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-380 // NVD: CVE-2021-1359

SOURCES

db:	VULHUB	id:	VHN-374413
db:	VULMON	id:	CVE-2021-1359
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202107-380
db:	NVD	id:	CVE-2021-1359

LAST UPDATE DATE

2024-08-14T13:18:47.725000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-374413	date:	2021-10-26T00:00:00
db:	VULMON	id:	CVE-2021-1359	date:	2021-07-12T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202107-380	date:	2021-10-27T00:00:00
db:	NVD	id:	CVE-2021-1359	date:	2023-11-07T03:28:05.377

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-374413	date:	2021-07-08T00:00:00
db:	VULMON	id:	CVE-2021-1359	date:	2021-07-08T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202107-380	date:	2021-07-07T00:00:00
db:	NVD	id:	CVE-2021-1359	date:	2021-07-08T19:15:08.287