Attacker Value
Unknown
CVE-2021-1392
CVE-2021-1392
(Last updated February 22, 2025) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
Products
- ios 15.0(1)ey,
- ios 15.0(1)ey1,
- ios 15.0(1)ey2,
- ios 15.1(3)svs,
- ios 15.1(3)svt1,
- ios 15.2(1)ey,
- ios 15.2(2)e,
- ios 15.2(2)e1,
- ios 15.2(2)e10,
- ios 15.2(2)e2,
- ios 15.2(2)e3,
- ios 15.2(2)e4,
- ios 15.2(2)e5,
- ios 15.2(2)e5a,
- ios 15.2(2)e5b,
- ios 15.2(2)e6,
- ios 15.2(2)e7,
- ios 15.2(2)e7b,
- ios 15.2(2)e8,
- ios 15.2(2)e9,
- ios 15.2(2)ea,
- ios 15.2(2)ea1,
- ios 15.2(2)ea2,
- ios 15.2(2)ea3,
- ios 15.2(2)eb,
- ios 15.2(2)eb1,
- ios 15.2(2)eb2,
- ios 15.2(2a)e2,
- ios 15.2(2b)e,
- ios 15.2(3)e1,
- ios 15.2(3)e2,
- ios 15.2(3)e3,
- ios 15.2(3)e4,
- ios 15.2(3)e5,
- ios 15.2(3)ea,
- ios 15.2(4)e5a,
- ios 15.2(4)ea,
- ios 15.2(4)ea1,
- ios 15.2(4)ea10,
- ios 15.2(4)ea2,
- ios 15.2(4)ea3,
- ios 15.2(4)ea4,
- ios 15.2(4)ea5,
- ios 15.2(4)ea6,
- ios 15.2(4)ea7,
- ios 15.2(4)ea8,
- ios 15.2(4)ea9,
- ios 15.2(4)ea9a,
- ios 15.2(4)ec1,
- ios 15.2(4)ec2,
- ios 15.2(4)jaz,
- ios 15.2(5)e,
- ios 15.2(5)e1,
- ios 15.2(5)e2,
- ios 15.2(5)e2b,
- ios 15.2(5)e2c,
- ios 15.2(5)ea,
- ios 15.2(5a)e1,
- ios 15.2(6)e,
- ios 15.2(6)e0a,
- ios 15.2(6)e0c,
- ios 15.2(6)e1,
- ios 15.2(6)e1a,
- ios 15.2(6)e1s,
- ios 15.2(7)e0b,
- ios 15.2(7a)e0b,
- ios 15.2(7b)e0b,
- ios 15.3(3)ja1,
- ios 15.3(3)ja10,
- ios 15.3(3)ja11,
- ios 15.3(3)ja12,
- ios 15.3(3)ja4,
- ios 15.3(3)ja5,
- ios 15.3(3)ja6,
- ios 15.3(3)ja7,
- ios 15.3(3)ja8,
- ios 15.3(3)jaa,
- ios 15.3(3)jax,
- ios 15.3(3)jax1,
- ios 15.3(3)jax2,
- ios 15.3(3)jb,
- ios 15.3(3)jbb,
- ios 15.3(3)jbb1,
- ios 15.3(3)jbb2,
- ios 15.3(3)jbb4,
- ios 15.3(3)jbb5,
- ios 15.3(3)jbb6,
- ios 15.3(3)jbb6a,
- ios 15.3(3)jbb8,
- ios 15.3(3)jc,
- ios 15.3(3)jc1,
- ios 15.3(3)jc14,
- ios 15.3(3)jc2,
- ios 15.3(3)jc3,
- ios 15.3(3)jc4,
- ios 15.3(3)jc5,
- ios 15.3(3)jc6,
- ios 15.3(3)jc8,
- ios 15.3(3)jc9,
- ios 15.3(3)jd,
- ios 15.3(3)jd11,
- ios 15.3(3)jd12,
- ios 15.3(3)jd13,
- ios 15.3(3)jd14,
- ios 15.3(3)jd16,
- ios 15.3(3)jd17,
- ios 15.3(3)jd2,
- ios 15.3(3)jd3,
- ios 15.3(3)jd4,
- ios 15.3(3)jd5,
- ios 15.3(3)jd6,
- ios 15.3(3)jd7,
- ios 15.3(3)jd8,
- ios 15.3(3)jd9,
- ios 15.3(3)je,
- ios 15.3(3)jf,
- ios 15.3(3)jf1,
- ios 15.3(3)jf10,
- ios 15.3(3)jf11,
- ios 15.3(3)jf12,
- ios 15.3(3)jf12i,
- ios 15.3(3)jf13,
- ios 15.3(3)jf2,
- ios 15.3(3)jf4,
- ios 15.3(3)jf5,
- ios 15.3(3)jf6,
- ios 15.3(3)jf7,
- ios 15.3(3)jf8,
- ios 15.3(3)jf9,
- ios 15.3(3)jg,
- ios 15.3(3)jg1,
- ios 15.3(3)jh,
- ios 15.3(3)jh1,
- ios 15.3(3)ji1,
- ios 15.3(3)ji3,
- ios 15.3(3)ji4,
- ios 15.3(3)ji5,
- ios 15.3(3)ji6,
- ios 15.3(3)jj,
- ios 15.3(3)jj1,
- ios 15.3(3)jk,
- ios 15.3(3)jk1,
- ios 15.3(3)jk1t,
- ios 15.3(3)jk2,
- ios 15.3(3)jk2a,
- ios 15.3(3)jk3,
- ios 15.3(3)jk4,
- ios 15.3(3)jn,
- ios 15.3(3)jn11,
- ios 15.3(3)jn13,
- ios 15.3(3)jn14,
- ios 15.3(3)jn15,
- ios 15.3(3)jn3,
- ios 15.3(3)jn4,
- ios 15.3(3)jn6,
- ios 15.3(3)jn7,
- ios 15.3(3)jn8,
- ios 15.3(3)jn9,
- ios 15.3(3)jnb,
- ios 15.3(3)jnb1,
- ios 15.3(3)jnb2,
- ios 15.3(3)jnb3,
- ios 15.3(3)jnb4,
- ios 15.3(3)jnb5,
- ios 15.3(3)jnb6,
- ios 15.3(3)jnc,
- ios 15.3(3)jnc1,
- ios 15.3(3)jnc2,
- ios 15.3(3)jnc3,
- ios 15.3(3)jnc4,
- ios 15.3(3)jnd,
- ios 15.3(3)jnd1,
- ios 15.3(3)jnd2,
- ios 15.3(3)jnd3,
- ios 15.3(3)jnp,
- ios 15.3(3)jnp1,
- ios 15.3(3)jnp3,
- ios 15.3(3)jpb,
- ios 15.3(3)jpb1,
- ios 15.3(3)jpc,
- ios 15.3(3)jpc1,
- ios 15.3(3)jpc2,
- ios 15.3(3)jpc3,
- ios 15.3(3)jpc5,
- ios 15.3(3)jpd,
- ios xe 16.10.1,
- ios xe 16.10.1e,
- ios xe 16.11.1,
- ios xe 16.11.1a,
- ios xe 16.11.1c,
- ios xe 16.11.1s,
- ios xe 16.11.2,
- ios xe 16.12.1,
- ios xe 16.12.1c,
- ios xe 16.12.1s,
- ios xe 16.12.2,
- ios xe 16.12.2s,
- ios xe 16.12.2t,
- ios xe 16.12.3,
- ios xe 16.12.3s,
- ios xe 16.12.4,
- ios xe 16.9.1,
- ios xe 16.9.1d,
- ios xe 17.1.1,
- ios xe 17.1.1s,
- ios xe 17.1.1t,
- ios xe 17.1.2,
- ios xe 17.2.1,
- ios xe 3.3.0xo,
- ios xe 3.3.1xo,
- ios xe 3.3.2xo,
- ios xe 3.6.5be,
- ios xe 3.7.4e,
- ios xe 3.7.5e
Weaknesses
References
