CVE-2021-1392: Insufficiently Protected Credentials in Cisco IOS

Severity: 7.8 HIGH (NVD)
EPSS: 0.0% (top 91.46%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published 2021-03-24; latest update 2022-05-24

Description

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A succ
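The attack path above is a low-privilege CLI user running `show cip security` on a device where CIP is enabled, then using the recovered password over CIP. The audit script below is an added example (not Cisco's or cvebase's code) that checks a saved running-config for the conditions that make that path viable and shows the compensating privilege-level line. Assumptions not stated on the page: CIP is enabled per interface with `cip enable`; local accounts without an explicit `privilege` keyword sit at level 1 (the IOS default); and a device counts as hardened only when `privilege exec level 15 show cip security` is present. The vendor fix is the software update in the Cisco advisory below; the privilege-level line is a compensating control, not a replacement for it. The sample config is constructed.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample running-config, not captured from a real device.
SAMPLE_CONFIG = """\
hostname ie-switch-1
!
username netops privilege 15 secret 9 $9$placeholder
username operator privilege 1 secret 9 $9$placeholder
!
interface Vlan10
 description Plant floor / CIP
 ip address 10.10.0.2 255.255.255.0
 cip enable
!
interface GigabitEthernet1/1
 switchport mode access
!
line vty 0 4
 login local
 transport input ssh
!
end
"""

# Assumed config syntax (see lead-in): the IOS `privilege exec level` command,
# `username ... privilege N`, and per-interface `cip enable`.
PRIV_RE = re.compile(r"^privilege exec level (\d+) show cip security$")
USER_RE = re.compile(r"^username (\S+)(?: privilege (\d+))?")
IFACE_RE = re.compile(r"^interface (\S+)")
HARDENING_LINE = "privilege exec level 15 show cip security"


@dataclass
class CipAudit:
    cip_interfaces: List[str] = field(default_factory=list)
    show_cip_security_level: Optional[int] = None   # None: never raised explicitly
    low_priv_users: List[str] = field(default_factory=list)

    @property
    def cip_enabled(self) -> bool:
        return bool(self.cip_interfaces)

    @property
    def exposed(self) -> bool:
        # Exposed when CIP is on and `show cip security` has not been confined to
        # privilege 15 (assumption: without the explicit line the command keeps the
        # under-restricted default permissions described in the advisory text).
        return self.cip_enabled and (self.show_cip_security_level or 0) < 15


def audit_config(config: str) -> CipAudit:
    """Walk a running-config once, tracking which interface section we are in."""
    result = CipAudit()
    current_iface = None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line.startswith(" "):
            current_iface = None                 # left the previous section
            m = IFACE_RE.match(line)
            if m:
                current_iface = m.group(1)
                continue
            m = PRIV_RE.match(line)
            if m:
                result.show_cip_security_level = int(m.group(1))
                continue
            m = USER_RE.match(line)
            if m:
                level = int(m.group(2)) if m.group(2) else 1   # IOS default level
                if level < 15:
                    result.low_priv_users.append(m.group(1))
            continue
        if current_iface and line.strip() == "cip enable":
            result.cip_interfaces.append(current_iface)
    return result


def harden(config: str) -> str:
    """Return the config with `show cip security` confined to privilege 15.
    Idempotent; any existing privilege line for the command is replaced."""
    if audit_config(config).show_cip_security_level == 15:
        return config
    lines = [ln for ln in config.rstrip("\n").splitlines() if not PRIV_RE.match(ln)]
    insert_at = len(lines) - 1 if lines and lines[-1] == "end" else len(lines)
    lines.insert(insert_at, HARDENING_LINE)
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    before = audit_config(SAMPLE_CONFIG)
    print(f"CIP on: {before.cip_interfaces}; command level: {before.show_cip_security_level}; "
          f"sub-15 local users: {before.low_priv_users}; exposed: {before.exposed}")
    after = audit_config(harden(SAMPLE_CONFIG))
    print(f"after hardening, exposed: {after.exposed}")
```

To use it on a real device, save the output of `show running-config` to a file and pass its contents to `audit_config`; the low-privilege user list only covers local accounts, so devices authenticating through AAA need the same question asked of the AAA server.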

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability subscore: 1.8 | Impact subscore: 5.9

AV:L and PR:L reflect the authenticated local CLI access needed to read the password; the remote administrative reconfiguration it enables is the consequence described above.

Affected Packages (3)

Source     Package           Versions
NVD        cisco/ios         185 versions
NVD        cisco/ios_xe      29 versions
CVEListV5  cisco/cisco_ios   n/a

Vulnerability Details (3)

GHSA-xjw8-2g7c-qm56 (2022-05-24): A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user.
GHSA (2021-06-28): XXE vulnerability on Launch import with externally-defined DTD file (listed by the aggregator; its title does not describe the Cisco CIP issue)
CVEList (2021-03-24): Cisco IOS and IOS XE Software Common Industrial Protocol Privilege Escalation Vulnerability

Vendor Advisories (1)

Cisco (2021-03-24): Cisco IOS and IOS XE Software Common Industrial Protocol Privilege Escalation Vulnerability
CVE-2021-1392 — Insufficiently Protected Credentials | cvebase