CVE-2021-1361

CVE Database · CVE-2021-1361

CVE-2021-1361

· CRITICALModified

CVSS v3.1

9.8

EPSS

1.57%

Published

Feb 24, 2021

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files that are related to the device configuration. For example, the attacker could add a user account without the device administrator knowing.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-552

Affected Products (50)

cisco · nx-osvulnerable

cisco · nexus_3000

cisco · nexus_3100

cisco · nexus_3100-z

cisco · nexus_3100v

cisco · nexus_3200

cisco · nexus_3400

cisco · nexus_3500

cisco · nexus_3600

cisco · nexus_9000v

cisco · nexus_92160yc-x

cisco · nexus_92300yc

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs