ID

VAR-202109-0245


CVE

CVE-2021-1619


TITLE

Pillow Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

DESCRIPTION

A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 1.62

sources: NVD: CVE-2021-1619 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374673 // VULMON: CVE-2021-1619

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.3.5

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.5 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.4.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1y

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1c when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.3 when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.7a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1 when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.4a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1d when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.2

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1c when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1e when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.3 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1d when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.6 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1s when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.4 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3a when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1d when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.4s

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1a when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.6

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1b when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1a when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1b

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.1 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.5b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.1

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.6 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.3 when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1d

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.6 when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1a when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1t

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1c

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1d when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.2r when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1a when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1d when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1b when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.4 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3a when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.1

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.4 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1z1

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.5 when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.2 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.4.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1f

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1c when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.2a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.4 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.5 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.5a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.2r when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.2r when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1d when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1b when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.1 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.5 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.1b

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.2 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.2 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.4c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.3

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.4 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.4

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1b when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1e when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.3 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.6

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3a when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.4 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1d when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1r

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.7

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.6 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.4 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1e when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3b when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1s when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b1 when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.5 when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.5a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.3 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2t

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1a when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.2s

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1f when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.5

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1e when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4 when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.4 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.2 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b1 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.5 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.7

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.8

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.3 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.4a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b1 when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.3

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1a when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.3 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.3 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1g

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1c

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.2 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3b when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1d when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.1a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1a when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4a when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1 when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.3a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.1 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1s

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1s when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.2r when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.2r when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.5.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.3s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1e

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.5b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.11

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1c

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3a when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.5 when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wanscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1a when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.2

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4 when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3b when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.3 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.5b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.6

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.3

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.2 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3a when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.2

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1s when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.4 when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.3

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1a when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1c when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.4

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.4.2

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.1 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b1 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.10

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.7.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3b when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.5 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.1 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1a

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.1 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.5 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1e when installed on 1100 series industrial integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4a when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1w

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.7

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1v

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1a when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1e when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1s when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.5 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1x

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3b when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.2r when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.2

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.1 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.2 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.1

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.6 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.3 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1a when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.5 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1z

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.3 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.3.9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1za

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1c when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b1 when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1d

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.10.1 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.11.1b when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.3h

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b when installed on 1000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4 when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.4a when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b when installed on integrated services virtualscope:eqversion:router

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1t

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1e

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1c when installed on cloud services router 1000vscope:eqversion:series

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.4

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.9.2 when installed on asr 1000 series aggregation servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.8.1d

Trust: 1.0

vendor:ciscomodel:ios xe sd-wan 16.12.1b1 when installed on 4000 series integrated servicesscope:eqversion:routers

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.6.8

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.5f

Trust: 1.0

sources: NVD: CVE-2021-1619

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1619
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1619
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202109-1562
value: CRITICAL

Trust: 0.6

VULHUB: VHN-374673
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-1619
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-1619
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-374673
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1619
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2021-1619
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-374673 // VULMON: CVE-2021-1619 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-1562 // NVD: CVE-2021-1619 // NVD: CVE-2021-1619

PROBLEMTYPE DATA

problemtype:CWE-908

Trust: 1.1

problemtype:CWE-824

Trust: 1.0

sources: VULHUB: VHN-374673 // NVD: CVE-2021-1619

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202109-1562

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:Cisco IOS XE Software Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=163443

Trust: 0.6

title:Cisco: Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-aaa-Yx47ZT8Q

Trust: 0.1

title:Threatposturl:https://threatpost.com/critical-cisco-bugs-wireless-sd-wan/174991/

Trust: 0.1

title:BleepingComputerurl:https://www.bleepingcomputer.com/news/security/cisco-fixes-highly-critical-vulnerabilities-in-ios-xe-software/

Trust: 0.1

sources: VULMON: CVE-2021-1619 // CNNVD: CNNVD-202109-1562

EXTERNAL IDS

db:NVDid:CVE-2021-1619

Trust: 1.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021092307

Trust: 0.6

db:AUSCERTid:ESB-2021.3180

Trust: 0.6

db:CNNVDid:CNNVD-202109-1562

Trust: 0.6

db:VULHUBid:VHN-374673

Trust: 0.1

db:VULMONid:CVE-2021-1619

Trust: 0.1

sources: VULHUB: VHN-374673 // VULMON: CVE-2021-1619 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-1562 // NVD: CVE-2021-1619

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-aaa-yx47zt8q

Trust: 2.5

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ios-xe-privilege-escalation-via-netconf-restconf-36487

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021092307

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3180

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-1619

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/824.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://threatpost.com/critical-cisco-bugs-wireless-sd-wan/174991/

Trust: 0.1

sources: VULHUB: VHN-374673 // VULMON: CVE-2021-1619 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-1562 // NVD: CVE-2021-1619

SOURCES

db:VULHUBid:VHN-374673
db:VULMONid:CVE-2021-1619
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202109-1562
db:NVDid:CVE-2021-1619

LAST UPDATE DATE

2024-08-14T12:19:52.965000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-374673date:2022-07-08T00:00:00
db:VULMONid:CVE-2021-1619date:2021-10-07T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202109-1562date:2022-07-11T00:00:00
db:NVDid:CVE-2021-1619date:2023-11-07T03:28:48.147

SOURCES RELEASE DATE

db:VULHUBid:VHN-374673date:2021-09-23T00:00:00
db:VULMONid:CVE-2021-1619date:2021-09-23T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202109-1562date:2021-09-22T00:00:00
db:NVDid:CVE-2021-1619date:2021-09-23T03:15:12.820