CVE Vulnerabilities

CVE-2021-1381

Active Debug Code

Published: Mar 24, 2021 | Modified: Nov 21, 2024
CVSS 3.x
6.1
MEDIUM
Source:
NVD
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS 2.x
3.6 LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging console. The vulnerability is due to insufficient command authorization restrictions. An attacker could exploit this vulnerability by running commands on the hardware platform to open a debugging console. A successful exploit could allow the attacker to access a debugging console.

Weakness

The product is released with debugging code still enabled or active.

Affected Software

Name Vendor Start Version End Version
Ios_xe Cisco 16.11.1 (including) 16.11.1 (including)
Ios_xe Cisco 16.11.1a (including) 16.11.1a (including)
Ios_xe Cisco 16.11.1b (including) 16.11.1b (including)
Ios_xe Cisco 16.11.1c (including) 16.11.1c (including)
Ios_xe Cisco 16.11.1s (including) 16.11.1s (including)
Ios_xe Cisco 16.11.2 (including) 16.11.2 (including)
Ios_xe Cisco 16.12.1 (including) 16.12.1 (including)
Ios_xe Cisco 16.12.1a (including) 16.12.1a (including)
Ios_xe Cisco 16.12.1c (including) 16.12.1c (including)
Ios_xe Cisco 16.12.1s (including) 16.12.1s (including)
Ios_xe Cisco 16.12.1t (including) 16.12.1t (including)
Ios_xe Cisco 16.12.1w (including) 16.12.1w (including)
Ios_xe Cisco 16.12.1x (including) 16.12.1x (including)
Ios_xe Cisco 16.12.1y (including) 16.12.1y (including)
Ios_xe Cisco 16.12.1z (including) 16.12.1z (including)
Ios_xe Cisco 16.12.1za (including) 16.12.1za (including)
Ios_xe Cisco 16.12.2 (including) 16.12.2 (including)
Ios_xe Cisco 16.12.2a (including) 16.12.2a (including)
Ios_xe Cisco 16.12.2s (including) 16.12.2s (including)
Ios_xe Cisco 16.12.2t (including) 16.12.2t (including)
Ios_xe Cisco 16.12.3 (including) 16.12.3 (including)
Ios_xe Cisco 16.12.3a (including) 16.12.3a (including)
Ios_xe Cisco 16.12.3s (including) 16.12.3s (including)
Ios_xe Cisco 16.12.4 (including) 16.12.4 (including)
Ios_xe Cisco 16.12.4a (including) 16.12.4a (including)
Ios_xe Cisco 17.1.1 (including) 17.1.1 (including)
Ios_xe Cisco 17.1.1a (including) 17.1.1a (including)
Ios_xe Cisco 17.1.1s (including) 17.1.1s (including)
Ios_xe Cisco 17.1.1t (including) 17.1.1t (including)
Ios_xe Cisco 17.1.2 (including) 17.1.2 (including)
Ios_xe Cisco 17.2.1 (including) 17.2.1 (including)
Ios_xe Cisco 17.2.1a (including) 17.2.1a (including)
Ios_xe Cisco 17.2.1r (including) 17.2.1r (including)
Ios_xe Cisco 17.2.1v (including) 17.2.1v (including)
Ios_xe Cisco 17.2.2 (including) 17.2.2 (including)
Ios_xe Cisco 17.2.3 (including) 17.2.3 (including)

Potential Mitigations

References