Severity.io | CVE-2021-1436

Description

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.

Related CPE's

o cisco ios_xe 3.15.1xbs *******

o cisco ios_xe 3.15.2xbs *******

o cisco ios_xe 16.11.1 *******

o cisco ios_xe 16.11.1a *******

o cisco ios_xe 16.11.1b *******

o cisco ios_xe 16.11.1c *******

o cisco ios_xe 16.11.1s *******

o cisco ios_xe 16.11.2 *******

o cisco ios_xe 16.12.1 *******

o cisco ios_xe 16.12.1a *******

References

20210324 Cisco IOS XE SD-WAN Software Path Traversal Vulnerability

Vendor Advisory

CvssV3 impact

BaseSeverity	MEDIUM
ConfidentialityImpact	HIGH
AttackComplexity	LOW
Scope	UNCHANGED
AttackVector	LOCAL
AvailabilityImpact	NONE
IntegrityImpact	NONE
PrivilegesRequired	HIGH
BaseScore	4.4
VectorString	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Version	3.1
UserInteraction	NONE

CvssV2 impact

AccessComplexity	MEDIUM
ConfidentialityImpact	COMPLETE
AvailabilityImpact	NONE
IntegrityImpact	NONE
BaseScore	4.7
VectorString	AV:L/AC:M/Au:N/C:C/I:N/A:N
Version	2.0
AccessVector	LOCAL
Authentication	NONE