CVE-2021-1419
published 2021-09-23CVE-2021-1419: A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | access_points_ssh_management | — | — |
| cisco | catalyst_9800_firmware | — | — |
| cisco | catalyst_9800_firmware | >= 16.12 < 16.12.6 | 16.12.6 |
| cisco | catalyst_9800_firmware | >= 17.3 < 17.3.3 | 17.3.3 |
| cisco | cisco_wireless_lan_controller | — | — |
| cisco | wireless_lan_controller_software | >= 8.10 < 8.10.151.0 | 8.10.151.0 |