What is the severity of cisco-sa-ade-xcvAQEOZ?

The severity of cisco-sa-ade-xcvAQEOZ is classified as high due to its potential impact on directory access and arbitrary file writing.

How do I fix cisco-sa-ade-xcvAQEOZ?

To fix cisco-sa-ade-xcvAQEOZ, upgrade to the recommended patched versions of Cisco EPN Manager, ISE, or Cisco Prime Infrastructure as specified in the advisory.

What products are affected by cisco-sa-ade-xcvAQEOZ?

The affected products under cisco-sa-ade-xcvAQEOZ include Cisco EPN Manager, Cisco ISE, and Cisco Prime Infrastructure.

Can an unauthenticated user exploit cisco-sa-ade-xcvAQEOZ?

No, cisco-sa-ade-xcvAQEOZ requires an authenticated local attacker to exploit the vulnerability.

What types of attacks can cisco-sa-ade-xcvAQEOZ facilitate?

cisco-sa-ade-xcvAQEOZ can facilitate unauthorized directory disclosure and arbitrary file writing on the affected systems.

Vulnerability/
cisco-sa-ade-xcvAQEOZ

medium

4.4

CWE

19/5/2021

cisco-sa-ade-xcvAQEOZ: Cisco ADE-OS Local File Inclusion Vulnerability

First published: Wed May 19 2021(Updated: )

A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. This vulnerability is due to improper validation of parameters that are sent to a CLI command within the restricted shell. An attacker could exploit this vulnerability by logging in to the device and issuing certain CLI commands. A successful exploit could allow the attacker to identify file directories on the affected device and write arbitrary files to the file system on the affected device. To exploit this vulnerability, the attacker must be an authenticated shell user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ade-xcvAQEOZ

Credit: employees Conscia

Affected Software	Affected Version	How to fix
Cisco Products	>=EPN Manager<=ISE<2.6 Patch10 and later2.7 Patch4 and later3.0 Patch2 and later3.1 and later	2.6 Patch10 and later2.7 Patch4 and later3.0 Patch2 and later3.1 and later

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ade-xcvAQEOZ (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2021-1306

Frequently Asked Questions

What is the severity of cisco-sa-ade-xcvAQEOZ?
The severity of cisco-sa-ade-xcvAQEOZ is classified as high due to its potential impact on directory access and arbitrary file writing.
How do I fix cisco-sa-ade-xcvAQEOZ?
To fix cisco-sa-ade-xcvAQEOZ, upgrade to the recommended patched versions of Cisco EPN Manager, ISE, or Cisco Prime Infrastructure as specified in the advisory.
What products are affected by cisco-sa-ade-xcvAQEOZ?
The affected products under cisco-sa-ade-xcvAQEOZ include Cisco EPN Manager, Cisco ISE, and Cisco Prime Infrastructure.
Can an unauthenticated user exploit cisco-sa-ade-xcvAQEOZ?
No, cisco-sa-ade-xcvAQEOZ requires an authenticated local attacker to exploit the vulnerability.
What types of attacks can cisco-sa-ade-xcvAQEOZ facilitate?
cisco-sa-ade-xcvAQEOZ can facilitate unauthorized directory disclosure and arbitrary file writing on the affected systems.

agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/weakness
agent/author
agent/references
agent/title
agent/severity
agent/description
agent/event
agent/source
agent/tags
collector/cisco-advisory
source/Cisco
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco products
version/cisco products/epn manager
version/cisco products/ise