fkie_cve-2021-1391
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
5.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by bypassing the consent token mechanism with the residual scripts on the affected device. A successful exploit could allow the attacker to escalate from privilege level 15 to root privilege.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios | 12.2\(6\)i1 | |
| cisco | ios | 15.0\(2\)se13a | |
| cisco | ios | 15.1\(3\)svr1 | |
| cisco | ios | 15.1\(3\)svr2 | |
| cisco | ios | 15.1\(3\)svr3 | |
| cisco | ios | 15.1\(3\)svs | |
| cisco | ios | 15.1\(3\)svs1 | |
| cisco | ios | 15.2\(4\)ea10 | |
| cisco | ios | 15.2\(5\)e | |
| cisco | ios | 15.2\(5\)e1 | |
| cisco | ios | 15.2\(5\)e2 | |
| cisco | ios | 15.2\(5\)e2b | |
| cisco | ios | 15.2\(5\)e2c | |
| cisco | ios | 15.2\(5\)ea | |
| cisco | ios | 15.2\(5\)ex | |
| cisco | ios | 15.2\(5a\)e | |
| cisco | ios | 15.2\(5a\)e1 | |
| cisco | ios | 15.2\(5b\)e | |
| cisco | ios | 15.2\(5c\)e | |
| cisco | ios | 15.2\(6\)e | |
| cisco | ios | 15.2\(6\)e0a | |
| cisco | ios | 15.2\(6\)e0c | |
| cisco | ios | 15.2\(6\)e1 | |
| cisco | ios | 15.2\(6\)e1a | |
| cisco | ios | 15.2\(6\)e1s | |
| cisco | ios | 15.2\(6\)e2 | |
| cisco | ios | 15.2\(6\)e2a | |
| cisco | ios | 15.2\(6\)e2b | |
| cisco | ios | 15.2\(6\)e3 | |
| cisco | ios | 15.2\(6\)eb | |
| cisco | ios | 15.2\(7\)e | |
| cisco | ios | 15.2\(7\)e0a | |
| cisco | ios | 15.2\(7\)e0b | |
| cisco | ios | 15.2\(7\)e0s | |
| cisco | ios | 15.2\(7\)e1 | |
| cisco | ios | 15.2\(7\)e1a | |
| cisco | ios | 15.2\(7\)e2 | |
| cisco | ios | 15.2\(7\)e2a | |
| cisco | ios | 15.2\(7\)e2b | |
| cisco | ios | 15.2\(7\)e3 | |
| cisco | ios | 15.2\(7\)e3k | |
| cisco | ios | 15.2\(7a\)e0b | |
| cisco | ios | 15.2\(7b\)e0b | |
| cisco | ios | 15.3\(3\)jf13 | |
| cisco | ios_xe | 3.9.0e | |
| cisco | ios_xe | 3.9.1e | |
| cisco | ios_xe | 3.9.2be | |
| cisco | ios_xe | 3.9.2e | |
| cisco | ios_xe | 3.10.0ce | |
| cisco | ios_xe | 3.10.0e | |
| cisco | ios_xe | 3.10.1ae | |
| cisco | ios_xe | 3.10.1e | |
| cisco | ios_xe | 3.10.1se | |
| cisco | ios_xe | 3.10.2e | |
| cisco | ios_xe | 3.10.3e | |
| cisco | ios_xe | 3.11.0e | |
| cisco | ios_xe | 3.11.1ae | |
| cisco | ios_xe | 3.11.1e | |
| cisco | ios_xe | 3.11.2ae | |
| cisco | ios_xe | 3.11.2e | |
| cisco | ios_xe | 3.11.3ae | |
| cisco | ios_xe | 3.11.3e | |
| cisco | ios_xe | 16.8.1 | |
| cisco | ios_xe | 16.8.1a | |
| cisco | ios_xe | 16.8.1b | |
| cisco | ios_xe | 16.8.1c | |
| cisco | ios_xe | 16.8.1d | |
| cisco | ios_xe | 16.8.1e | |
| cisco | ios_xe | 16.8.1s | |
| cisco | ios_xe | 16.8.2 | |
| cisco | ios_xe | 16.8.3 | |
| cisco | ios_xe | 16.9.1 | |
| cisco | ios_xe | 16.9.1a | |
| cisco | ios_xe | 16.9.1b | |
| cisco | ios_xe | 16.9.1c | |
| cisco | ios_xe | 16.9.1d | |
| cisco | ios_xe | 16.9.1s | |
| cisco | ios_xe | 16.9.2 | |
| cisco | ios_xe | 16.9.2a | |
| cisco | ios_xe | 16.9.2s | |
| cisco | ios_xe | 16.9.3 | |
| cisco | ios_xe | 16.9.3a | |
| cisco | ios_xe | 16.9.3h | |
| cisco | ios_xe | 16.9.3s | |
| cisco | ios_xe | 16.9.4 | |
| cisco | ios_xe | 16.9.4c | |
| cisco | ios_xe | 16.9.5 | |
| cisco | ios_xe | 16.9.5f | |
| cisco | ios_xe | 16.9.6 | |
| cisco | ios_xe | 16.10.1 | |
| cisco | ios_xe | 16.10.1a | |
| cisco | ios_xe | 16.10.1b | |
| cisco | ios_xe | 16.10.1c | |
| cisco | ios_xe | 16.10.1d | |
| cisco | ios_xe | 16.10.1e | |
| cisco | ios_xe | 16.10.1f | |
| cisco | ios_xe | 16.10.1g | |
| cisco | ios_xe | 16.10.1s | |
| cisco | ios_xe | 16.10.2 | |
| cisco | ios_xe | 16.10.3 | |
| cisco | ios_xe | 16.11.1 | |
| cisco | ios_xe | 16.11.1a | |
| cisco | ios_xe | 16.11.1b | |
| cisco | ios_xe | 16.11.1c | |
| cisco | ios_xe | 16.11.1s | |
| cisco | ios_xe | 16.11.2 | |
| cisco | ios_xe | 16.12.1 | |
| cisco | ios_xe | 16.12.1a | |
| cisco | ios_xe | 16.12.1c | |
| cisco | ios_xe | 16.12.1s | |
| cisco | ios_xe | 16.12.1t | |
| cisco | ios_xe | 16.12.1w | |
| cisco | ios_xe | 16.12.1x | |
| cisco | ios_xe | 16.12.1y | |
| cisco | ios_xe | 16.12.1z | |
| cisco | ios_xe | 16.12.1za | |
| cisco | ios_xe | 16.12.2 | |
| cisco | ios_xe | 16.12.2a | |
| cisco | ios_xe | 16.12.2s | |
| cisco | ios_xe | 16.12.2t | |
| cisco | ios_xe | 16.12.3 | |
| cisco | ios_xe | 16.12.3a | |
| cisco | ios_xe | 16.12.3s | |
| cisco | ios_xe | 17.1.1 | |
| cisco | ios_xe | 17.1.1a | |
| cisco | ios_xe | 17.1.1s | |
| cisco | ios_xe | 17.1.1t | |
| cisco | ios_xe | 17.1.2 | |
| cisco | ios_xe | 17.2.1 | |
| cisco | ios_xe | 17.2.1a | |
| cisco | ios_xe | 17.2.1r | |
| cisco | ios_xe | 17.2.1v | |
| cisco | ios_xe | 17.2.2 | |
| cisco | ios_xe | 17.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(6\\)i1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAFD220-48D7-46EE-8537-A69C5F8D0F2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se13a:*:*:*:*:*:*:*",
"matchCriteriaId": "E212B3A0-5A20-40B7-BBF6-CC420B0C86AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svr1:*:*:*:*:*:*:*",
"matchCriteriaId": "806D2FF1-EADA-44C8-94BD-6BC18D138150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svr2:*:*:*:*:*:*:*",
"matchCriteriaId": "643D7544-34DA-46D9-831F-421ED00F3579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svr3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6354447-07DF-4913-82D9-BF249663499F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svs:*:*:*:*:*:*:*",
"matchCriteriaId": "46EC35AA-4BD3-4FBB-878D-3313D37D9AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)svs1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAC36DC-F4C5-4C4C-9C27-20FD45AA4A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea10:*:*:*:*:*:*:*",
"matchCriteriaId": "F09A26FF-6A8F-4D73-B3E8-0333F994D1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "F112DE64-0042-4FB9-945D-3107468193E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "E027FB12-862F-413E-AA2B-4BBD90AE3650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD28874B-148A-4299-9AA1-67A550B25F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e2b:*:*:*:*:*:*:*",
"matchCriteriaId": "45B80CBC-961F-4EE8-A998-C0A827151EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e2c:*:*:*:*:*:*:*",
"matchCriteriaId": "E7131776-5DEB-4B96-8483-B81B538E24FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)ea:*:*:*:*:*:*:*",
"matchCriteriaId": "BE991877-18E0-4374-A441-C2316085CCA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "7A472B96-0DDE-49DD-A7E3-A82DD6AEB3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5a\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "3A2EB46D-16E0-4C31-8634-C33D70B5381A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5a\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "757EB1A1-4764-4108-9AB1-F33CF9CEE574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "F29B2E6F-ED6C-4568-9042-7A1BD96A9E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5c\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "7803B445-FE22-4D4B-9F3A-68EFE528195E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "199DCF1B-8A1E-47CC-87A6-64E6F21D8886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5B78669-3B28-4F1D-993D-85282A7D0E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e0c:*:*:*:*:*:*:*",
"matchCriteriaId": "DD05109E-1183-419D-96A1-9CD5EA5ECC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C73A3A-4B84-476F-AC3C-81DCB527E29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7551128E-9E23-4C42-A681-6BE64D284C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e1s:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB7BFE1-06ED-4B45-8B4F-2B309B8D6342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEE2C71-C401-43D1-86DC-725FE5FDF87E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1758F264-96F9-4EE9-9CA9-AD5407885547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e2b:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2842F6-4CD5-457C-AC75-241A5AB9534B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABE0470-E94A-4CAF-865D-73E2607A0DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)eb:*:*:*:*:*:*:*",
"matchCriteriaId": "A9CCD7E3-C62B-4151-96FF-1175D4896E95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "6437E689-A049-4D48-AB7A-49CA7EBDE8B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e0a:*:*:*:*:*:*:*",
"matchCriteriaId": "110B699D-169E-4932-A480-6EBB90CAE94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e0b:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C12918-E5BB-465E-9DA4-06B7351DD805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e0s:*:*:*:*:*:*:*",
"matchCriteriaId": "4862C453-8BD7-4D53-B2D6-CE3E44A4915A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0C4E1F4-AD64-418C-A308-85501E0F3EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e1a:*:*:*:*:*:*:*",
"matchCriteriaId": "27EF41C6-A0D0-4149-BC5D-B31C4F5CC6D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "57ED9CDC-FC03-4DA7-A791-CE61D0D8364D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e2a:*:*:*:*:*:*:*",
"matchCriteriaId": "AB8C3BBA-4829-4006-B7EB-F552D86922C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e2b:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE4D84-423F-4A5E-9B06-D5231BF1E03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "F980EFA3-BB92-49D3-8D5F-2804BB44ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e3k:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6D0AA7-E879-4303-AB2D-4FEF3574B60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7a\\)e0b:*:*:*:*:*:*:*",
"matchCriteriaId": "1374E243-4EC2-4A81-991C-B5705135CAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7b\\)e0b:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECA6101-94BA-4209-8243-A56AF02963EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf13:*:*:*:*:*:*:*",
"matchCriteriaId": "06216CEE-F15D-4B31-A5A3-B2C226E2D25B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "B9EC727B-AF92-460D-B61D-F45ECEEE5D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "D5604A84-8240-45B6-9027-B03AA549CD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.2be:*:*:*:*:*:*:*",
"matchCriteriaId": "895DAB3D-5C14-4D0B-94FA-EB7C7C7BB0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9846AE-1344-4EE4-9FDF-6CE17D9461FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0ce:*:*:*:*:*:*:*",
"matchCriteriaId": "3363DF79-8A5A-4BE2-B04C-253A4A3A0ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "25725655-EBDE-4538-8AE1-CF5C81F09C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1ae:*:*:*:*:*:*:*",
"matchCriteriaId": "A98F2654-46F3-4C63-A2C2-48B372C655B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4E206B-37BF-4D61-BE90-80BB65C0C582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1se:*:*:*:*:*:*:*",
"matchCriteriaId": "17674BAD-F2F1-4E63-AAE0-FEAC14C37CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "4117E2EC-F58A-4B22-AB72-FC63A0D96E7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "20286676-70FF-471C-9612-74E5F0ECB8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "F327F7D0-93E8-4005-9ECB-44852C16BB4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.1ae:*:*:*:*:*:*:*",
"matchCriteriaId": "27252883-091A-471D-87FC-E07EADBC6FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF9D58E-CD75-47B1-938C-B5C0A73E28FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.2ae:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC3D979-02B2-4EEC-A6C2-A44C9FC694D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C340CE-7F18-448B-B9BE-BFEB1724C882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.3ae:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C1CA89-0FE4-4DC3-BB4B-299114E172AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "5F79BC92-0869-447C-AF34-3FBF42375D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96852D16-AF50-4C70-B125-D2349E6765D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "A15B882A-BA60-4932-A55E-F4A798B30EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC2EE60-4A07-4D92-B9BC-BF07CF4F2BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47DBE4ED-1CD8-4134-9B33-17A91F44F17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0375BF9E-D04B-4E5B-9051-536806ECA44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "012A6CF7-9104-4882-9C95-E6D4458AB778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF5214D-9257-498F-A3EB-C4EC18E2FEB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC5BB06-100F-42C9-8CEB-CC47FD26DDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "5292764A-7D1C-4E04-86EF-809CB68EDD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "1E16D266-108F-4F8A-998D-F1CA25F2EAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3h:*:*:*:*:*:*:*",
"matchCriteriaId": "F84AE35F-D016-4B8F-8FE2-C2ACB200DFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "41D55481-C80E-4400-9C3D-9F6B1F7F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "D07F9539-CFBE-46F7-9F5E-93A68169797D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AB80E7-0714-44ED-9671-12C877B36A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "10182B94-6831-461E-B0FC-9476EAB6EBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD5B3AB-27C2-4055-A3B7-0112D089FDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "04081A51-E08F-4114-9276-584E836181D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "62A46516-CEB7-48D4-879B-341963A1FA31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EF98FA-6DF9-4935-9639-143E08462BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECEDD9D-6517-44BA-A95F-D1D5488C0E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1C85DD-69CC-4AA8-B219-651D57FC3506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "65FC3CC1-CF4F-4A2D-A500-04395AFE8B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1za:*:*:*:*:*:*:*",
"matchCriteriaId": "027200FC-8AD4-47E4-A404-490AE4F997EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89369318-2E83-489F-B872-5F2E247BBF8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by bypassing the consent token mechanism with the residual scripts on the affected device. A successful exploit could allow the attacker to escalate from privilege level 15 to root privilege."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el depurador dragonite del Software Cisco IOS XE, podr\u00eda permitir a un atacante local autenticado escalar del nivel de privilegio 15 al privilegio de root.\u0026#xa0;La vulnerabilidad es debido a la presencia de scripts de prueba y comprobaci\u00f3n de desarrollo que permanecieron en el dispositivo.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al omitir el mecanismo del token de consentimiento con los scripts residuales en el dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante escalar del nivel de privilegio 15 al privilegio de root"
}
],
"id": "CVE-2021-1391",
"lastModified": "2024-11-21T05:44:14.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T20:15:13.993",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-489"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…