CVE-2021-1583
Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability
Severity Score
4.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device.
Una vulnerabilidad en el control de acceso al sistema de archivos de la infraestructura de fábrica de Cisco Nexus 9000 Series Fabric Switches en el modo Application Centric Infrastructure (ACI) podría permitir a un atacante local autenticado leer archivos arbitrarios en un sistema afectado. Esta vulnerabilidad es debido a un control de acceso inapropiado. Un atacante con privilegios de Administrador podría explotar esta vulnerabilidad al ejecutar un comando vulnerable específico en un dispositivo afectado. Una explotación con éxito podría permitir al atacante leer archivos arbitrarios en el sistema de archivos del dispositivo afectado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-11-13 CVE Reserved
- 2021-08-25 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7 | 2023-11-07 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9000 Search vendor "Cisco" for product "Nexus 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9000v Search vendor "Cisco" for product "Nexus 9000v" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92160yc-x Search vendor "Cisco" for product "Nexus 92160yc-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92300yc Search vendor "Cisco" for product "Nexus 92300yc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92304qc Search vendor "Cisco" for product "Nexus 92304qc" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 92348gc-x Search vendor "Cisco" for product "Nexus 92348gc-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9236c Search vendor "Cisco" for product "Nexus 9236c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9272q Search vendor "Cisco" for product "Nexus 9272q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-ex Search vendor "Cisco" for product "Nexus 93108tc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-ex-24 Search vendor "Cisco" for product "Nexus 93108tc-ex-24" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-fx Search vendor "Cisco" for product "Nexus 93108tc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-fx-24 Search vendor "Cisco" for product "Nexus 93108tc-fx-24" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93108tc-fx3p Search vendor "Cisco" for product "Nexus 93108tc-fx3p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93120tx Search vendor "Cisco" for product "Nexus 93120tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93128tx Search vendor "Cisco" for product "Nexus 93128tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9316d-gx Search vendor "Cisco" for product "Nexus 9316d-gx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180lc-ex Search vendor "Cisco" for product "Nexus 93180lc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-ex Search vendor "Cisco" for product "Nexus 93180yc-ex" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-ex-24 Search vendor "Cisco" for product "Nexus 93180yc-ex-24" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-fx Search vendor "Cisco" for product "Nexus 93180yc-fx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-fx-24 Search vendor "Cisco" for product "Nexus 93180yc-fx-24" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-fx3 Search vendor "Cisco" for product "Nexus 93180yc-fx3" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93180yc-fx3s Search vendor "Cisco" for product "Nexus 93180yc-fx3s" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93216tc-fx2 Search vendor "Cisco" for product "Nexus 93216tc-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93240yc-fx2 Search vendor "Cisco" for product "Nexus 93240yc-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332c Search vendor "Cisco" for product "Nexus 9332c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9332pq Search vendor "Cisco" for product "Nexus 9332pq" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93360yc-fx2 Search vendor "Cisco" for product "Nexus 93360yc-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336c-fx2 Search vendor "Cisco" for product "Nexus 9336c-fx2" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9336c-fx2-e Search vendor "Cisco" for product "Nexus 9336c-fx2-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9348gc-fxp Search vendor "Cisco" for product "Nexus 9348gc-fxp" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 93600cd-gx Search vendor "Cisco" for product "Nexus 93600cd-gx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9364c Search vendor "Cisco" for product "Nexus 9364c" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9364c-gx Search vendor "Cisco" for product "Nexus 9364c-gx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px Search vendor "Cisco" for product "Nexus 9372px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372px-e Search vendor "Cisco" for product "Nexus 9372px-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx Search vendor "Cisco" for product "Nexus 9372tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9372tx-e Search vendor "Cisco" for product "Nexus 9372tx-e" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396px Search vendor "Cisco" for product "Nexus 9396px" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9396tx Search vendor "Cisco" for product "Nexus 9396tx" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 14.2\(7f\) Search vendor "Cisco" for product "Nx-os" and version "14.2\(7f\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 9508 Search vendor "Cisco" for product "Nexus 9508" | - | - |
Safe
|