Lucene search

CiscoCVELIST:CVE-2021-1401

HistoryMay 06, 2021 - 12:42 p.m.

CVE-2021-1401 Cisco Small Business 100, 300, and 500 Series Wireless Access Points Vulnerabilities

2021-05-0612:42:34

CWE-269

cisco

www.cve.org

cisco

small business

wireless access points

vulnerabilities

web-based management interface

sensitive information

arbitrary commands

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CNA Affected

[
  {
    "product": "Cisco Business Wireless Access Point Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN71263107/index.html

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-ZAfKGXhF

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

Related for CVELIST:CVE-2021-1401