CVE-2021-1423

{"id": "CVE-2021-1423", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.8}]}, "published": "2021-03-24T21:15:13.443", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-668"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n de un comando de CLI en Cisco Aironet Access Points (AP), podr\u00eda permitir a un atacante local autenticado sobrescribir archivos en la memoria flash del dispositivo. Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada para un comando espec\u00edfico. Un atacante podr\u00eda explotar esta vulnerabilidad al emitir un comando con argumentos dise\u00f1ados. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir o crear archivos con datos que ya est\u00e1n presentes en otros archivos alojados en el dispositivo afectado"}], "lastModified": "2024-11-21T05:44:19.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D48036EE-DE42-412A-B3C9-CBCE7414DB33"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822"}, {"criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711"}, {"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B"}, {"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493"}, {"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E"}, {"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4"}, {"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215"}, {"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303"}, {"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70"}, {"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCD9BB32-1D37-4F86-9E93-B77DAB09B874", "versionEndExcluding": "16.12.5"}, {"criteria": "cpe:2.3:o:cisco:catalyst_9800_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54FC2B7F-8BB5-4326-964C-0C7CC6D31412", "versionEndIncluding": "17.2", "versionStartIncluding": "17.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4303CDF3-6399-41CA-BD2A-3C894DD02064", "versionEndExcluding": "8.5.171.0"}, {"criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D84C320-E3E3-4B29-A27F-A95C6C50FFFE", "versionEndExcluding": "8.10.130.0", "versionStartIncluding": "8.6"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}