ID

VAR-202110-0201


CVE

CVE-2021-34711


TITLE

Cisco IP Phone Path traversal vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202110-303

DESCRIPTION

A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system

Trust: 0.99

sources: NVD: CVE-2021-34711 // VULMON: CVE-2021-34711

AFFECTED PRODUCTS

vendor:ciscomodel:ip phone 8831scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 8841scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 7841scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phones 8832scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 7832scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 8811scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip conference phone 7832scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 7861scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 8865scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:wireless ip phone 8821scope:ltversion:11.0\(6\)sr2

Trust: 1.0

vendor:ciscomodel:ip conference phone 8832scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 8851scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 8861scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 7811scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 7821scope:ltversion:14.1\(1\)

Trust: 1.0

vendor:ciscomodel:ip phone 8845scope:ltversion:14.1\(1\)

Trust: 1.0

sources: NVD: CVE-2021-34711

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-34711
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2021-34711
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202110-303
value: MEDIUM

Trust: 0.6

VULMON: CVE-2021-34711
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-34711
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2021-34711
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 2.0

sources: VULMON: CVE-2021-34711 // CNNVD: CNNVD-202110-303 // NVD: CVE-2021-34711 // NVD: CVE-2021-34711

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.0

problemtype:CWE-36

Trust: 1.0

sources: NVD: CVE-2021-34711

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202110-303

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202110-303

PATCH

title:Cisco IP Phone Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=165859

Trust: 0.6

title:Cisco: Cisco IP Phone Software Arbitrary File Read Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ipphone-arbfileread-NPdtE2Ow

Trust: 0.1

sources: VULMON: CVE-2021-34711 // CNNVD: CNNVD-202110-303

EXTERNAL IDS

db:NVDid:CVE-2021-34711

Trust: 1.7

db:AUSCERTid:ESB-2021.3315

Trust: 0.6

db:CS-HELPid:SB2021100709

Trust: 0.6

db:CNNVDid:CNNVD-202110-303

Trust: 0.6

db:VULMONid:CVE-2021-34711

Trust: 0.1

sources: VULMON: CVE-2021-34711 // CNNVD: CNNVD-202110-303 // NVD: CVE-2021-34711

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ipphone-arbfileread-npdte2ow

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-34711

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021100709

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3315

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ip-phone-file-reading-via-url-filtering-bypass-36606

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/22.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2021-34711 // CNNVD: CNNVD-202110-303 // NVD: CVE-2021-34711

SOURCES

db:VULMONid:CVE-2021-34711
db:CNNVDid:CNNVD-202110-303
db:NVDid:CVE-2021-34711

LAST UPDATE DATE

2024-08-14T14:03:03.715000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-34711date:2021-10-14T00:00:00
db:CNNVDid:CNNVD-202110-303date:2021-10-15T00:00:00
db:NVDid:CVE-2021-34711date:2023-11-07T03:36:09.800

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-34711date:2021-10-06T00:00:00
db:CNNVDid:CNNVD-202110-303date:2021-10-06T00:00:00
db:NVDid:CVE-2021-34711date:2021-10-06T20:15:09.587