How severe is CVE-2021-1371?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2021-1371?

This is classified as CWE-269, which is a common weakness in software security.

CVE-2021-1371

MEDIUM Year: 2021

CVSS v3 Score

6.6

Medium

CVSS v2 Score

7.2

High

Weakness Type

CWE-269

View all →

Vulnerability Description

A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges.

CVE-2017-5623

MEDIUM

CVSS:6.6(Medium)

An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. The attacker can change the bootmode of the device by issuing the 'fastboot oem boot_mode {rf/wlan/ftm/normal} command' in...

CWE-2692017

CVE-2017-8032

MEDIUM

CVSS:6.6(Medium)

In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and othe...

CWE-2692017

CVE-2019-12794

MEDIUM

CVSS:6.6(Medium)

An issue was discovered in MISP 2.4.108. Organization admins could reset credentials for site admins (organization admins have the inherent ability to reset passwords for all of their organization's u...

CWE-2692019

CVE-2023-30024

MEDIUM

CVSS:6.6(Medium)

The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/write access. Attackers can exploit this by replacing the origi...

CWE-2692023

CVE-2023-32196

HIGH

CVSS:6.6(Medium)

A vulnerability has been identified whereby privilege escalation checks are not properly enforced for RoleTemplateobjects when external=true, which in specific scenarios can lead to privilege escalati...

CWE-2692023

CVE-2023-32197

HIGH

CVSS:6.6(Medium)

A Improper Privilege Management vulnerability in SUSE rancher in RoleTemplateobjects when external=true is set can lead to privilege escalation in specific scenarios.This issue affects rancher: from 2...

CWE-2692023

CVE-2021-1371

Vulnerability Description

Related Vulnerabilities

CVE-2017-5623

CVE-2017-8032

CVE-2019-12794

CVE-2023-30024

CVE-2023-32196

CVE-2023-32197