CVE-2021-1612 - OpenCVE

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Sd-wan

Configuration 1 [-]

cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-GjR5pGOm	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2021-09-22T00:00:00

Updated: 2021-09-23T02:30:39

Reserved: 2020-11-13T00:00:00

Link: CVE-2021-1612

JSON object: View

NVD Information

Status : Modified

Published: 2021-09-23T03:15:12.270

Modified: 2023-11-07T03:28:47.080

Link: CVE-2021-1612

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Cisco IOS XE SD-WAN Software ", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2021-09-22T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-61", "description": "CWE-61", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-23T02:30:39", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20210922 Cisco IOS XE SD-WAN Software Arbitrary File Overwrite Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-GjR5pGOm"}], "source": {"advisory": "cisco-sa-sd-wan-GjR5pGOm", "defect": [["CSCvt63238"]], "discovery": "INTERNAL"}, "title": "Cisco IOS XE SD-WAN Software Arbitrary File Overwrite Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-09-22T16:00:00", "ID": "CVE-2021-1612", "STATE": "PUBLIC", "TITLE": "Cisco IOS XE SD-WAN Software Arbitrary File Overwrite Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco IOS XE SD-WAN Software ", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "impact": {"cvss": {"baseScore": "5.5", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N ", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-61"}]}]}, "references": {"reference_data": [{"name": "20210922 Cisco IOS XE SD-WAN Software Arbitrary File Overwrite Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-GjR5pGOm"}]}, "source": {"advisory": "cisco-sa-sd-wan-GjR5pGOm", "defect": [["CSCvt63238"]], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1612", "datePublished": "2021-09-22T00:00:00", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2021-09-23T02:30:39", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", "matchCriteriaId": "7ACF0BEE-991B-4EEE-B1D9-2D5510C79432", "versionEndExcluding": "17.3.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device."}, {"lang": "es", "value": "Una vulnerabilidad en la CLI de Cisco IOS XE SD-WAN Software podr\u00eda permitir a un atacante local autenticado sobrescribir archivos arbitrarios en el sistema local. Esta vulnerabilidad es debido a unos controles de acceso inapropiados en los archivos dentro del sistema de archivos local. Un atacante podr\u00eda explotar esta vulnerabilidad al colocar un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica del sistema de archivos local. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en un dispositivo afectado"}], "id": "CVE-2021-1612", "lastModified": "2023-11-07T03:28:47.080", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.6, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2021-09-23T03:15:12.270", "references": [{"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-GjR5pGOm"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-61"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}