Attacker Value
Unknown
CVE-2021-1391
CVE-2021-1391
(Last updated November 08, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by bypassing the consent token mechanism with the residual scripts on the affected device. A successful exploit could allow the attacker to escalate from privilege level 15 to root privilege.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
6.7 Medium
Impact Score:
5.9
Exploitability Score:
0.8
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
High
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
- cisco
Products
- ios 12.2(6)i1,
- ios 15.0(2)se13a,
- ios 15.1(3)svr1,
- ios 15.1(3)svr2,
- ios 15.1(3)svr3,
- ios 15.1(3)svs,
- ios 15.1(3)svs1,
- ios 15.2(4)ea10,
- ios 15.2(5)e,
- ios 15.2(5)e1,
- ios 15.2(5)e2,
- ios 15.2(5)e2b,
- ios 15.2(5)e2c,
- ios 15.2(5)ea,
- ios 15.2(5)ex,
- ios 15.2(5a)e,
- ios 15.2(5a)e1,
- ios 15.2(5b)e,
- ios 15.2(5c)e,
- ios 15.2(6)e,
- ios 15.2(6)e0a,
- ios 15.2(6)e0c,
- ios 15.2(6)e1,
- ios 15.2(6)e1a,
- ios 15.2(6)e1s,
- ios 15.2(6)e2,
- ios 15.2(6)e2a,
- ios 15.2(6)e2b,
- ios 15.2(6)e3,
- ios 15.2(6)eb,
- ios 15.2(7)e,
- ios 15.2(7)e0a,
- ios 15.2(7)e0b,
- ios 15.2(7)e0s,
- ios 15.2(7)e1,
- ios 15.2(7)e1a,
- ios 15.2(7)e2,
- ios 15.2(7)e2a,
- ios 15.2(7)e2b,
- ios 15.2(7)e3,
- ios 15.2(7)e3k,
- ios 15.2(7a)e0b,
- ios 15.2(7b)e0b,
- ios 15.3(3)jf13,
- ios xe 16.10.1,
- ios xe 16.10.1a,
- ios xe 16.10.1b,
- ios xe 16.10.1c,
- ios xe 16.10.1d,
- ios xe 16.10.1e,
- ios xe 16.10.1f,
- ios xe 16.10.1g,
- ios xe 16.10.1s,
- ios xe 16.10.2,
- ios xe 16.10.3,
- ios xe 16.11.1,
- ios xe 16.11.1a,
- ios xe 16.11.1b,
- ios xe 16.11.1c,
- ios xe 16.11.1s,
- ios xe 16.11.2,
- ios xe 16.12.1,
- ios xe 16.12.1a,
- ios xe 16.12.1c,
- ios xe 16.12.1s,
- ios xe 16.12.1t,
- ios xe 16.12.1w,
- ios xe 16.12.1x,
- ios xe 16.12.1y,
- ios xe 16.12.1z,
- ios xe 16.12.1za,
- ios xe 16.12.2,
- ios xe 16.12.2a,
- ios xe 16.12.2s,
- ios xe 16.12.2t,
- ios xe 16.12.3,
- ios xe 16.12.3a,
- ios xe 16.12.3s,
- ios xe 16.8.1,
- ios xe 16.8.1a,
- ios xe 16.8.1b,
- ios xe 16.8.1c,
- ios xe 16.8.1d,
- ios xe 16.8.1e,
- ios xe 16.8.1s,
- ios xe 16.8.2,
- ios xe 16.8.3,
- ios xe 16.9.1,
- ios xe 16.9.1a,
- ios xe 16.9.1b,
- ios xe 16.9.1c,
- ios xe 16.9.1d,
- ios xe 16.9.1s,
- ios xe 16.9.2,
- ios xe 16.9.2a,
- ios xe 16.9.2s,
- ios xe 16.9.3,
- ios xe 16.9.3a,
- ios xe 16.9.3h,
- ios xe 16.9.3s,
- ios xe 16.9.4,
- ios xe 16.9.4c,
- ios xe 16.9.5,
- ios xe 16.9.5f,
- ios xe 16.9.6,
- ios xe 17.1.1,
- ios xe 17.1.1a,
- ios xe 17.1.1s,
- ios xe 17.1.1t,
- ios xe 17.1.2,
- ios xe 17.2.1,
- ios xe 17.2.1a,
- ios xe 17.2.1r,
- ios xe 17.2.1v,
- ios xe 17.2.2,
- ios xe 17.2.3,
- ios xe 3.10.0ce,
- ios xe 3.10.0e,
- ios xe 3.10.1ae,
- ios xe 3.10.1e,
- ios xe 3.10.1se,
- ios xe 3.10.2e,
- ios xe 3.10.3e,
- ios xe 3.11.0e,
- ios xe 3.11.1ae,
- ios xe 3.11.1e,
- ios xe 3.11.2ae,
- ios xe 3.11.2e,
- ios xe 3.11.3ae,
- ios xe 3.11.3e,
- ios xe 3.9.0e,
- ios xe 3.9.1e,
- ios xe 3.9.2be,
- ios xe 3.9.2e
