CVE-2021-1437

Cisco Aironet Access Points FlexConnect Upgrade Information Disclosure Vulnerability

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer Protocol (TFTP) configuration. An attacker could exploit this vulnerability by sending a specific TFTP request to an affected device. A successful exploit could allow the attacker to download any file from the filesystem of the affected access point (AP).

Una vulnerabilidad en la funcionalidad FlexConnect Upgrade del Software Cisco Aironet Series Access Points, podría permitir a un atacante remoto no autenticado obtenga información confidencial de un dispositivo afectado. Esta vulnerabilidad es debido a una configuración sin restricciones del Trivial File Transfer Protocol (TFTP). Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición TFTP específica a un dispositivo afectado. Una explotación con éxito podría permitir al atacante descargar cualquier archivo del sistema de archivos del punto de acceso (AP) afectado

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2020-11-13 CVE Reserved
2021-03-24 CVE Published
2024-03-27 EPSS Updated
2024-11-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-275: Permission Issues

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	1100 Integrated Services Router Search vendor "Cisco" for product "1100 Integrated Services Router"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1540 Search vendor "Cisco" for product "Aironet 1540"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1560 Search vendor "Cisco" for product "Aironet 1560"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 1800 Search vendor "Cisco" for product "Aironet 1800"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 2800 Search vendor "Cisco" for product "Aironet 2800"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 3800 Search vendor "Cisco" for product "Aironet 3800"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Aironet 4800 Search vendor "Cisco" for product "Aironet 4800"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Catalyst 9100 Search vendor "Cisco" for product "Catalyst 9100"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Catalyst Iw6300 Search vendor "Cisco" for product "Catalyst Iw6300"	-	-	Safe
Cisco Search vendor "Cisco"	Aironet Access Point Software Search vendor "Cisco" for product "Aironet Access Point Software"	-	-	Affected	in	Cisco Search vendor "Cisco"	Esw6300 Search vendor "Cisco" for product "Esw6300"	-	-	Safe
Cisco Search vendor "Cisco"	Catalyst 9800 Firmware Search vendor "Cisco" for product "Catalyst 9800 Firmware"	>= 17.1 < 17.3.3 Search vendor "Cisco" for product "Catalyst 9800 Firmware" and version " >= 17.1 < 17.3.3"	-	Affected	in	Cisco Search vendor "Cisco"	Catalyst 9800 Search vendor "Cisco" for product "Catalyst 9800"	-	-	Safe
Cisco Search vendor "Cisco"		Wireless Lan Controller Software Search vendor "Cisco" for product "Wireless Lan Controller Software"				>= 8.10.112.0 < 8.10.142.0 Search vendor "Cisco" for product "Wireless Lan Controller Software" and version " >= 8.10.112.0 < 8.10.142.0"		-		Affected