nvd-json-data-feeds/CVE-2021/CVE-2021-11xx/CVE-2021-1145.json

{
  "id": "CVE-2021-1145",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2021-01-13T22:15:14.803",
  "lastModified": "2021-01-20T17:29:03.740",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en los Enrutadores Secure FTP (SFTP) de Cisco StarOS para Cisco ASR 5000 Series, podr\u00eda permitir a un atacante autenticado remoto leer archivos arbitrarios en un dispositivo afectado. Para explotar esta vulnerabilidad, el atacante deber\u00eda tener credenciales v\u00e1lidas en el dispositivo afectado. La vulnerabilidad es debido al manejo no seguro de enlaces simb\u00f3licos. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un comando SFTP dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer archivos arbitrarios en el dispositivo afectado."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV30": [
      {
        "source": "ykramarz@cisco.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ]
    },
    {
      "source": "ykramarz@cisco.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-61"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "21.19.7",
              "matchCriteriaId": "63993C7F-3FE3-4095-A896-2109DEE40D1C"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746254AC-B039-432C-AA5C-A82260E57AD7"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "301681DF-2A9E-4A91-9918-4A46153ADC01"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9EF0299-16A7-446D-855D-BFF91EE65534"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey",
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}