CVE-2021-1419: Cisco Access Points SSH Management Privilege Escalation Vulnerability
First published: Thu Sep 23 2021(Updated: )
A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| cisco aironet 1542d firmware | ||
| Cisco Aironet 1542d | ||
| Cisco Aironet 1562 firmware | ||
| Cisco Aironet 1562 firmware | ||
| Cisco Aironet 1815M Firmware | ||
| Cisco Aironet 1815M Firmware | ||
| Cisco Aironet 1830E Firmware | ||
| Cisco Aironet 1830E Firmware | ||
| Cisco Aironet 1840i Firmware | ||
| Cisco Aironet 1840i Firmware | ||
| Cisco Aironet 1850E Firmware | ||
| Cisco Aironet 1850E Firmware | ||
| cisco aironet 2800i firmware | ||
| Cisco Aironet 2800i | ||
| Cisco Aironet 3800P Firmware | ||
| Cisco Aironet 3800P Firmware | ||
| Cisco Aironet 4800 Firmware | ||
| Cisco Aironet 4800 Firmware | ||
| cisco catalyst 9105axi firmware | ||
| Cisco Catalyst 9105AX | ||
| cisco catalyst 9115axe firmware | ||
| Cisco Catalyst 9115AX | ||
| cisco catalyst 9117 firmware | ||
| Cisco Catalyst 9117AX | ||
| cisco catalyst 9120axi firmware | ||
| Cisco Catalyst 9120axi | ||
| cisco catalyst 9124axd firmware | ||
| Cisco Catalyst 9124 | ||
| cisco catalyst 9130axe firmware | ||
| Cisco Catalyst 9130AXE | ||
| cisco catalyst iw6300 Ac firmware | ||
| cisco catalyst iw6300 Ac | ||
| cisco esw6300 firmware | ||
| cisco esw6300 | ||
| cisco 1100-8p firmware | ||
| Cisco 1100 Series Integrated Services Router | ||
| Cisco CGR 1120 | ||
| Cisco 1120 firmware | ||
| Cisco 1160 Firmware | ||
| Cisco 1160 Integrated Services Router | ||
| Cisco Wireless LAN Controllers | >=8.10<8.10.151.0 | |
| Cisco Catalyst 9800-cl firmware | >=16.12<16.12.6 | |
| Cisco Catalyst 9800-cl firmware | >=17.3<17.3.3 | |
| Cisco Catalyst 9800-cl firmware | =17.4 | |
| Cisco Catalyst 9800-L firmware | ||
| cisco aironet 1542i firmware | ||
| Cisco Aironet 1542i | ||
| Cisco Catalyst 9800-L | ||
| Cisco Catalyst 9800-40 | ||
| Cisco Catalyst 9800-80 | ||
| Cisco Aironet 1562E | ||
| Cisco Aironet 1562E Firmware | ||
| Cisco Aironet 1562 firmware | ||
| Cisco Aironet 1562 firmware | ||
| Cisco Aironet 1815W Firmware | ||
| Cisco Aironet 1815W Firmware | ||
| Cisco Aironet 1815T Firmware | ||
| Cisco Aironet 1815T Firmware | ||
| Cisco Aironet 1815i | ||
| Cisco Aironet 1815i | ||
| Cisco Aironet 1830i Firmware | ||
| Cisco Aironet 1830i Firmware | ||
| Cisco Aironet 1850i Firmware | ||
| Cisco Aironet 1850i Firmware | ||
| cisco aironet 2800e firmware | ||
| Cisco Aironet 2800e | ||
| cisco aironet 3800i firmware | ||
| Cisco Aironet 3800i | ||
| Cisco Aironet 3800E Firmware | ||
| Cisco Aironet 3800E Firmware | ||
| cisco catalyst 9105axw firmware | ||
| Cisco Catalyst 9105AXW | ||
| cisco catalyst 9115axi firmware | ||
| Cisco Catalyst 9115AX | ||
| cisco catalyst 9120axp firmware | ||
| Cisco Catalyst 9120axp | ||
| Cisco Catalyst 9120AXE Firmware | ||
| Cisco Catalyst 9120AXE Firmware | ||
| Cisco Catalyst 9124AXI Firmware | ||
| Cisco Catalyst 9124 | ||
| Cisco Catalyst 9130AX Firmware | ||
| Cisco Catalyst 9130 | ||
| cisco catalyst iw6300 dc firmware | ||
| cisco catalyst iw6300 dc | ||
| cisco catalyst iw6300 dcw firmware | ||
| cisco catalyst iw6300 dcw |
Remedy
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-ap-LLjsGxv
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/author
- agent/type
- agent/remedy
- agent/weakness
- agent/references
- agent/description
- agent/title
- agent/severity
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco aironet 1542d firmware
- canonical/cisco aironet 1542d
- canonical/cisco aironet 1562 firmware
- canonical/cisco aironet 1815m firmware
- canonical/cisco aironet 1830e firmware
- canonical/cisco aironet 1840i firmware
- canonical/cisco aironet 1850e firmware
- canonical/cisco aironet 2800i firmware
- canonical/cisco aironet 2800i
- canonical/cisco aironet 3800p firmware
- canonical/cisco aironet 4800 firmware
- canonical/cisco catalyst 9105axi firmware
- canonical/cisco catalyst 9105ax
- canonical/cisco catalyst 9115axe firmware
- canonical/cisco catalyst 9115ax
- canonical/cisco catalyst 9117 firmware
- canonical/cisco catalyst 9117ax
- canonical/cisco catalyst 9120axi firmware
- canonical/cisco catalyst 9120axi
- canonical/cisco catalyst 9124axd firmware
- canonical/cisco catalyst 9124
- canonical/cisco catalyst 9130axe firmware
- canonical/cisco catalyst 9130axe
- canonical/cisco catalyst iw6300 ac firmware
- canonical/cisco catalyst iw6300 ac
- canonical/cisco esw6300 firmware
- canonical/cisco esw6300
- canonical/cisco 1100-8p firmware
- canonical/cisco 1100 series integrated services router
- canonical/cisco cgr 1120
- canonical/cisco 1120 firmware
- canonical/cisco 1160 firmware
- canonical/cisco 1160 integrated services router
- canonical/cisco wireless lan controllers
- version/cisco wireless lan controllers/8.10
- canonical/cisco catalyst 9800-cl firmware
- version/cisco catalyst 9800-cl firmware/16.12
- version/cisco catalyst 9800-cl firmware/17.3
- version/cisco catalyst 9800-cl firmware/17.4
- canonical/cisco catalyst 9800-l firmware
- canonical/cisco aironet 1542i firmware
- canonical/cisco aironet 1542i
- canonical/cisco catalyst 9800-l
- canonical/cisco catalyst 9800-40
- canonical/cisco catalyst 9800-80
- canonical/cisco aironet 1562e
- canonical/cisco aironet 1562e firmware
- canonical/cisco aironet 1815w firmware
- canonical/cisco aironet 1815t firmware
- canonical/cisco aironet 1815i
- canonical/cisco aironet 1830i firmware
- canonical/cisco aironet 1850i firmware
- canonical/cisco aironet 2800e firmware
- canonical/cisco aironet 2800e
- canonical/cisco aironet 3800i firmware
- canonical/cisco aironet 3800i
- canonical/cisco aironet 3800e firmware
- canonical/cisco catalyst 9105axw firmware
- canonical/cisco catalyst 9105axw
- canonical/cisco catalyst 9115axi firmware
- canonical/cisco catalyst 9120axp firmware
- canonical/cisco catalyst 9120axp
- canonical/cisco catalyst 9120axe firmware
- canonical/cisco catalyst 9124axi firmware
- canonical/cisco catalyst 9130ax firmware
- canonical/cisco catalyst 9130
- canonical/cisco catalyst iw6300 dc firmware
- canonical/cisco catalyst iw6300 dc
- canonical/cisco catalyst iw6300 dcw firmware
- canonical/cisco catalyst iw6300 dcw