CVE-2021-1572

CWE-266 CWE-269 — Improper Privilege Management5 documents4 sources

Severity

7.8HIGH

EPSS

0.1%

top 70.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Confd Cisco Network Services Orchestrator Cisco Cisco Confd

Timeline

PublishedAug 4

Latest updateMay 24

Description

A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDcisco/confd7.4 — 7.4.3+1

▶CVEListV5cisco/cisco_confdn/a

▶NVDcisco/network_services_orchestrator5.4 — 5.4.3.1+1

🔴Vulnerability Details

GHSA

GHSA-jjcm-mvqj-g3mq: A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is r↗2022-05-24

▶

CVEList

ConfD CLI Secure Shell Server Privilege Escalation Vulnerability↗2021-08-04

▶

📋Vendor Advisories

Cisco

ConfD CLI Secure Shell Server Privilege Escalation Vulnerability↗2021-08-04

▶

Cisco

Cisco Network Services Orchestrator CLI Secure Shell Server Privilege Escalation Vulnerability↗2021-08-04

▶