ID

VAR-202103-0537


CVE

CVE-2021-1392


TITLE

Cisco IOS  and  IOS XE  Vulnerability regarding inadequate protection of credentials in

Trust: 0.8

sources: JVNDB: JVNDB-2021-004772

DESCRIPTION

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device. Cisco IOS and IOS XE Exists in an inadequate protection of credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Both Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network equipment

Trust: 2.34

sources: NVD: CVE-2021-1392 // JVNDB: JVNDB-2021-004772 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374446 // VULMON: CVE-2021-1392

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e7b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd17

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jb

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1d

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2t

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ec1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb6a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.5e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja12

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1t

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.2xo

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn13

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7a\)e0b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd12

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jaa

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb8

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jg

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf13

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.1.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e0c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jh

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jj

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(1\)ey

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2b\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)e5a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.1\(3\)svs

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk2a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc14

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea6

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.1xo

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn14

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jax1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji4

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.7.4e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn15

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.9.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7b\)e0b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea9a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e5a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.0\(1\)ey2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf10

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb6

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jh1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5a\)e1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd16

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.6.5be

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)ea3

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jbb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.2s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpd

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(5\)e2b

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(3\)e4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf9

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnp

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf12

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk1t

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e0a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb5

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:17.2.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)je

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.1\(3\)svt1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2a\)e2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)jaz

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jg1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.2

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.1c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jc9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd14

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd13

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ec2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn7

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jd11

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn9

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnc4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja11

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:3.3.0xo

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jk1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc2

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7\)e0b

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.10.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.12.3s

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e8

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnb4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jnd3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf12i

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jpc5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ja10

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jf7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea7

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jj1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn6

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(6\)e1a

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)jn3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)eb1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(2\)e4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)ji1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(4\)ea9

Trust: 1.0

vendor:シスコシステムズmodel:cisco iosscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:eqversion:xe

Trust: 0.8

vendor:シスコシステムズmodel:cisco ios xescope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1392
value: HIGH

Trust: 1.0

psirt@cisco.com: CVE-2021-1392
value: HIGH

Trust: 1.0

NVD: CVE-2021-1392
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202103-1409
value: HIGH

Trust: 0.6

VULHUB: VHN-374446
value: LOW

Trust: 0.1

VULMON: CVE-2021-1392
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-1392
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-374446
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1392
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-1392
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392 // NVD: CVE-2021-1392

PROBLEMTYPE DATA

problemtype:CWE-522

Trust: 1.1

problemtype:Inadequate protection of credentials (CWE-522) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-374446 // JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202103-1409

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409

PATCH

title:cisco-sa-XE-SAP-OPLbze68url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-SAP-OPLbze68

Trust: 0.8

title:Cisco IOS and IOS XE Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145711

Trust: 0.6

title:Cisco: Cisco IOS and IOS XE Software Common Industrial Protocol Privilege Escalation Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-XE-SAP-OPLbze68

Trust: 0.1

sources: VULMON: CVE-2021-1392 // CNNVD: CNNVD-202103-1409 // JVNDB: JVNDB-2021-004772

EXTERNAL IDS

db:NVDid:CVE-2021-1392

Trust: 2.6

db:JVNid:JVNVU99743643

Trust: 0.8

db:JVNDBid:JVNDB-2021-004772

Trust: 0.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021042150

Trust: 0.6

db:ICS CERTid:ICSA-21-110-02

Trust: 0.6

db:CNNVDid:CNNVD-202103-1409

Trust: 0.6

db:VULHUBid:VHN-374446

Trust: 0.1

db:VULMONid:CVE-2021-1392

Trust: 0.1

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-xe-sap-oplbze68

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2021-1392

Trust: 1.4

url:https://jvn.jp/vu/jvnvu99743643/index.html

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-34940

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-110-02

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042150

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/522.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/198743

Trust: 0.1

sources: VULHUB: VHN-374446 // VULMON: CVE-2021-1392 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1409 // JVNDB: JVNDB-2021-004772 // NVD: CVE-2021-1392

SOURCES

db:VULHUBid:VHN-374446
db:VULMONid:CVE-2021-1392
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202103-1409
db:JVNDBid:JVNDB-2021-004772
db:NVDid:CVE-2021-1392

LAST UPDATE DATE

2026-06-19T20:00:57.868000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-374446date:2021-03-29T00:00:00
db:VULMONid:CVE-2021-1392date:2021-03-29T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202103-1409date:2021-04-22T00:00:00
db:JVNDBid:JVNDB-2021-004772date:2021-11-29T09:16:00
db:NVDid:CVE-2021-1392date:2026-06-17T03:31:40.123

SOURCES RELEASE DATE

db:VULHUBid:VHN-374446date:2021-03-24T00:00:00
db:VULMONid:CVE-2021-1392date:2021-03-24T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202103-1409date:2021-03-24T00:00:00
db:JVNDBid:JVNDB-2021-004772date:2021-11-29T00:00:00
db:NVDid:CVE-2021-1392date:2021-03-24T20:15:14.057