var-202103-0539
Vulnerability from variot
A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments that are passed to the boot script. An attacker could exploit this vulnerability by tampering with a specific file, which an affected device would process during the initial boot process. On systems that are protected by the Unified Extensible Firmware Interface (UEFI) secure boot feature, a successful exploit could allow the attacker to execute unsigned code at boot time and bypass the image verification check in the secure boot process of the affected device. Cisco IOS XE Exists in an active debug code vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Cisco IOS XE is an operating system developed by Cisco for its network equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0539", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.9.0xas", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.5.1b", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.7.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.2.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.8.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.4as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.6", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.5.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.4as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.4cs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.15.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.5b", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.8as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.5as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.2.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.1.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.0sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.12.0as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.3bsp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.3asp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.3sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.9s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.4es", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.4.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.1e", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.14.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.1.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.5sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.11.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.5f", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.5s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.1csp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.3as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.12.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.2ts", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1za", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.5s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1y", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.7as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.5", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.1xbs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.3a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.5b", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.11.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.11.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.10", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.17.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.1.1t", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.5as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.4", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.1.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.7.4", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.1hsp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.1c", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.9s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.7s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.7as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.10as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.9.1as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.6s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.0bs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.6bs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.15.2xbs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.0as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.4", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.2a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.4", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.1d", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1b", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.11.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.9.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1c", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.15.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.17.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.8s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.17.1as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.4a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1d", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.1.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.5.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.7", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.2.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.2as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.5.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.10s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.8sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.6bs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.1bsp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.10s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.4", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.12.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.2t", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.11.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.7s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.17.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.11.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.0xas", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.2bs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.14.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.6", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1w", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.10s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.1as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.1as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.2sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.1sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.3h", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1f", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.15.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.4.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1e", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.2.1r", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.7", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.4.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.7.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.7s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.6s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.0cs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.4bs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.1c", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.5a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.1asp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.2ts", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1z", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.15.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.12.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.5bs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.2a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.17.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.1gsp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.8.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.5.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.8s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.2as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.7.1b", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.1b", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.8", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.1.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.1xcs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.8s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.12.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.4s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.6s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.1b", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.4sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.11.1c", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.8.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.5", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.7.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.5s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.7.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.1g", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.8", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.7bs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.9.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.1.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.3.9", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.7a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.11.1b", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.1.3", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.14.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.0bs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.4c", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.5", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.9.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.2as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.12.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1c", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.2asp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.9s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.1a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.11.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.4ds", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.8.1d", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.9.0as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.14.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.15.1cs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.6as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1x", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.15.1xbs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.5s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.6.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.4a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.15.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.10.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.13.0as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.14.2s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.12.1t", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.2.1v", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.3s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.8asp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.2.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.10.2", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.0xbs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.6s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.17.0s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.4gs", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.0as", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.6sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.7sp", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.9.3a", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.11.1", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.7.8s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.16.7s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "16.11.1s", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "3.18.1isp", }, { model: "cisco ios xe", scope: "eq", trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-004770", }, { db: "NVD", id: "CVE-2021-1398", }, ], }, cve: "CVE-2021-1398", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.4, id: "CVE-2021-1398", impactScore: 10, integrityImpact: "COMPLETE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.4, id: "VHN-374452", impactScore: 10, integrityImpact: "COMPLETE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:M/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "PHYSICAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.9, id: "CVE-2021-1398", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Physical", author: "NVD", availabilityImpact: "High", baseScore: 6.8, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-1398", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-1398", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2021-1398", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-1398", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202103-1407", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-374452", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-1398", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-374452", }, { db: "VULMON", id: "CVE-2021-1398", }, { db: "JVNDB", id: "JVNDB-2021-004770", }, { db: "CNNVD", id: "CNNVD-202103-1407", }, { db: "NVD", id: "CVE-2021-1398", }, { db: "NVD", id: "CVE-2021-1398", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments that are passed to the boot script. An attacker could exploit this vulnerability by tampering with a specific file, which an affected device would process during the initial boot process. On systems that are protected by the Unified Extensible Firmware Interface (UEFI) secure boot feature, a successful exploit could allow the attacker to execute unsigned code at boot time and bypass the image verification check in the secure boot process of the affected device. Cisco IOS XE Exists in an active debug code vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Cisco IOS XE is an operating system developed by Cisco for its network equipment", sources: [ { db: "NVD", id: "CVE-2021-1398", }, { db: "JVNDB", id: "JVNDB-2021-004770", }, { db: "VULHUB", id: "VHN-374452", }, { db: "VULMON", id: "CVE-2021-1398", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-1398", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2021-004770", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202103-1407", trust: 0.6, }, { db: "VULHUB", id: "VHN-374452", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-1398", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-374452", }, { db: "VULMON", id: "CVE-2021-1398", }, { db: "JVNDB", id: "JVNDB-2021-004770", }, { db: "CNNVD", id: "CNNVD-202103-1407", }, { db: "NVD", id: "CVE-2021-1398", }, ], }, id: "VAR-202103-0539", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-374452", }, ], trust: 0.01, }, last_update_date: "2024-11-23T22:25:10.200000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-XE-ACE-75K3bRWe", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe", }, { title: "Cisco IOS XE Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145709", }, { title: "Cisco: Cisco IOS XE Software Arbitrary Code Execution Vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-XE-ACE-75K3bRWe", }, ], sources: [ { db: "VULMON", id: "CVE-2021-1398", }, { db: "JVNDB", id: "JVNDB-2021-004770", }, { db: "CNNVD", id: "CNNVD-202103-1407", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-489", trust: 1.1, }, { problemtype: "Active debug code (CWE-489) [ Other ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-374452", }, { db: "JVNDB", id: "JVNDB-2021-004770", }, { db: "NVD", id: "CVE-2021-1398", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.9, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-xe-ace-75k3brwe", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-1398", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-34940", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/489.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-374452", }, { db: "VULMON", id: "CVE-2021-1398", }, { db: "JVNDB", id: "JVNDB-2021-004770", }, { db: "CNNVD", id: "CNNVD-202103-1407", }, { db: "NVD", id: "CVE-2021-1398", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-374452", }, { db: "VULMON", id: "CVE-2021-1398", }, { db: "JVNDB", id: "JVNDB-2021-004770", }, { db: "CNNVD", id: "CNNVD-202103-1407", }, { db: "NVD", id: "CVE-2021-1398", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-03-24T00:00:00", db: "VULHUB", id: "VHN-374452", }, { date: "2021-03-24T00:00:00", db: "VULMON", id: "CVE-2021-1398", }, { date: "2021-11-29T00:00:00", db: "JVNDB", id: "JVNDB-2021-004770", }, { date: "2021-03-24T00:00:00", db: "CNNVD", id: "CNNVD-202103-1407", }, { date: "2021-03-24T20:15:14.213000", db: "NVD", id: "CVE-2021-1398", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-03-29T00:00:00", db: "VULHUB", id: "VHN-374452", }, { date: "2021-03-29T00:00:00", db: "VULMON", id: "CVE-2021-1398", }, { date: "2021-11-29T09:16:00", db: "JVNDB", id: "JVNDB-2021-004770", }, { date: "2021-03-30T00:00:00", db: "CNNVD", id: "CNNVD-202103-1407", }, { date: "2024-11-21T05:44:15.817000", db: "NVD", id: "CVE-2021-1398", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco IOS XE Active debug code vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2021-004770", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202103-1407", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.