CVE-2021-1594

Description

A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. This vulnerability is due to insufficient input validation for specific API endpoints. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting and modifying specific internode communications from one ISE persona to another ISE persona. A successful exploit could allow the attacker to run arbitrary commands with root privileges on the underlying operating system. To exploit this vulnerability, the attacker would need to decrypt HTTPS traffic between two ISE personas that are located on separate nodes.

Related CPE's

aciscoidentity_services_engine2.4\(0.902\)*******

aciscoidentity_services_engine2.6\(0.156\)*******

aciscoidentity_services_engine2.6.0patch1******

aciscoidentity_services_engine2.6.0patch2******

aciscoidentity_services_engine2.6.0patch3******

aciscoidentity_services_engine2.6.0patch6******

aciscoidentity_services_engine2.6.0patch5******

aciscoidentity_services_engine2.6.0-******

aciscoidentity_services_engine2.6.0patch7******

aciscoidentity_services_engine2.7.0patch2******

References

20211006 Cisco Identity Services Engine Privilege Escalation Vulnerability

Vendor Advisory

CvssV3 impact

BaseSeverity

HIGH

ConfidentialityImpact

HIGH

AttackComplexity

HIGH

Scope

UNCHANGED

AttackVector

NETWORK

AvailabilityImpact

HIGH

IntegrityImpact

HIGH

PrivilegesRequired

NONE

BaseScore

8.1

VectorString

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Version

3.1

UserInteraction

NONE

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

COMPLETE

AvailabilityImpact

COMPLETE

IntegrityImpact

COMPLETE

BaseScore

9.300000190734863

VectorString

AV:N/AC:M/Au:N/C:C/I:C/A:C

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io