CVE-2021-1391

A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by bypassing the consent token mechanism with the residual scripts on the affected device. A successful exploit could allow the attacker to escalate from privilege level 15 to root privilege.

Published: Mar 24, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-1391
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-489

Affected Software
References

Software	From	Fixed in
cisco / ios_xe	3.9.0e	3.9.0e.x
cisco / ios	15.2(5a)e1	15.2(5a)e1.x
cisco / ios	15.2(5)ea	15.2(5)ea.x
cisco / ios	15.2(5c)e	15.2(5c)e.x
cisco / ios	15.2(5)e2	15.2(5)e2.x
cisco / ios	15.2(5b)e	15.2(5b)e.x
cisco / ios	15.2(5)ex	15.2(5)ex.x
cisco / ios	15.2(5a)e	15.2(5a)e.x
cisco / ios	15.2(5)e1	15.2(5)e1.x
cisco / ios	15.2(5)e	15.2(5)e.x
cisco / ios_xe	3.9.1e	3.9.1e.x
cisco / ios	15.2(5)e2b	15.2(5)e2b.x
cisco / ios	15.2(5)e2c	15.2(5)e2c.x
cisco / ios_xe	3.9.2e	3.9.2e.x
cisco / ios_xe	16.8.1	16.8.1.x
cisco / ios_xe	16.9.1	16.9.1.x
cisco / ios	12.2(6)i1	12.2(6)i1.x
cisco / ios_xe	3.9.2be	3.9.2be.x
cisco / ios_xe	16.8.1a	16.8.1a.x
cisco / ios_xe	16.8.1s	16.8.1s.x
cisco / ios_xe	16.8.1b	16.8.1b.x
cisco / ios_xe	16.8.2	16.8.2.x
cisco / ios_xe	16.8.1d	16.8.1d.x
cisco / ios_xe	16.8.1c	16.8.1c.x
cisco / ios_xe	16.8.1e	16.8.1e.x
cisco / ios_xe	3.10.0ce	3.10.0ce.x
cisco / ios_xe	3.10.0e	3.10.0e.x
cisco / ios	15.2(6)e1	15.2(6)e1.x
cisco / ios	15.2(6)e	15.2(6)e.x
cisco / ios	15.2(6)e0c	15.2(6)e0c.x
cisco / ios_xe	16.9.1s	16.9.1s.x
cisco / ios_xe	16.9.1c	16.9.1c.x
cisco / ios_xe	16.9.1b	16.9.1b.x
cisco / ios	15.2(6)e0a	15.2(6)e0a.x
cisco / ios_xe	3.10.1e	3.10.1e.x
cisco / ios	15.2(6)e1a	15.2(6)e1a.x
cisco / ios_xe	3.10.1ae	3.10.1ae.x
cisco / ios_xe	3.10.1se	3.10.1se.x
cisco / ios	15.2(6)e1s	15.2(6)e1s.x
cisco / ios_xe	16.9.1d	16.9.1d.x
cisco / ios_xe	3.10.2e	3.10.2e.x
cisco / ios_xe	16.10.1	16.10.1.x
cisco / ios_xe	16.9.1a	16.9.1a.x
cisco / ios_xe	16.9.2a	16.9.2a.x
cisco / ios_xe	16.9.2	16.9.2.x
cisco / ios	15.2(6)e2a	15.2(6)e2a.x
cisco / ios	15.2(6)e2b	15.2(6)e2b.x
cisco / ios	15.2(6)e2	15.2(6)e2.x
cisco / ios_xe	16.12.1	16.12.1.x
cisco / ios_xe	16.11.1	16.11.1.x
cisco / ios_xe	17.1.1	17.1.1.x
cisco / ios	15.2(7)e	15.2(7)e.x
cisco / ios_xe	16.11.1a	16.11.1a.x
cisco / ios_xe	16.12.1c	16.12.1c.x
cisco / ios_xe	16.12.1t	16.12.1t.x
cisco / ios_xe	16.11.2	16.11.2.x
cisco / ios_xe	16.12.1s	16.12.1s.x
cisco / ios_xe	16.12.1a	16.12.1a.x
cisco / ios_xe	16.12.1x	16.12.1x.x
cisco / ios_xe	16.11.1c	16.11.1c.x
cisco / ios_xe	16.11.1b	16.11.1b.x
cisco / ios_xe	16.11.1s	16.11.1s.x
cisco / ios_xe	16.12.1w	16.12.1w.x
cisco / ios_xe	16.10.1s	16.10.1s.x
cisco / ios_xe	16.10.1d	16.10.1d.x
cisco / ios_xe	16.9.2s	16.9.2s.x
cisco / ios_xe	3.11.3e	3.11.3e.x
cisco / ios_xe	3.11.0e	3.11.0e.x
cisco / ios_xe	16.9.3h	16.9.3h.x
cisco / ios_xe	16.9.3a	16.9.3a.x
cisco / ios_xe	16.10.1a	16.10.1a.x
cisco / ios_xe	3.10.3e	3.10.3e.x
cisco / ios_xe	16.10.1f	16.10.1f.x
cisco / ios_xe	16.10.1g	16.10.1g.x
cisco / ios_xe	16.10.2	16.10.2.x
cisco / ios_xe	16.9.3	16.9.3.x
cisco / ios_xe	16.12.1y	16.12.1y.x
cisco / ios_xe	16.10.1e	16.10.1e.x
cisco / ios_xe	16.10.1b	16.10.1b.x
cisco / ios_xe	16.8.3	16.8.3.x
cisco / ios_xe	16.9.3s	16.9.3s.x
cisco / ios_xe	16.10.1c	16.10.1c.x
cisco / ios_xe	16.9.4	16.9.4.x
cisco / ios	15.2(7)e0s	15.2(7)e0s.x
cisco / ios_xe	16.12.2	16.12.2.x
cisco / ios	15.2(7)e0a	15.2(7)e0a.x
cisco / ios	15.2(7a)e0b	15.2(7a)e0b.x
cisco / ios	15.2(7)e1	15.2(7)e1.x
cisco / ios_xe	16.9.4c	16.9.4c.x
cisco / ios_xe	3.11.1e	3.11.1e.x
cisco / ios	15.2(6)e3	15.2(6)e3.x
cisco / ios	15.0(2)se13a	15.0(2)se13a.x
cisco / ios_xe	3.11.1ae	3.11.1ae.x
cisco / ios	15.2(7)e1a	15.2(7)e1a.x
cisco / ios	15.2(7)e0b	15.2(7)e0b.x
cisco / ios	15.1(3)svs	15.1(3)svs.x
cisco / ios_xe	16.12.2a	16.12.2a.x
cisco / ios	15.2(6)eb	15.2(6)eb.x
cisco / ios_xe	16.10.3	16.10.3.x
cisco / ios	15.2(7b)e0b	15.2(7b)e0b.x
cisco / ios_xe	16.9.5	16.9.5.x
cisco / ios_xe	16.9.5f	16.9.5f.x
cisco / ios	15.2(4)ea10	15.2(4)ea10.x
cisco / ios	15.1(3)svr1	15.1(3)svr1.x
cisco / ios	15.3(3)jf13	15.3(3)jf13.x
cisco / ios_xe	16.12.3	16.12.3.x
cisco / ios_xe	17.2.1	17.2.1.x
cisco / ios_xe	17.1.1s	17.1.1s.x
cisco / ios_xe	16.12.2t	16.12.2t.x
cisco / ios_xe	17.1.1a	17.1.1a.x
cisco / ios_xe	16.12.2s	16.12.2s.x
cisco / ios_xe	16.12.3a	16.12.3a.x
cisco / ios_xe	17.1.1t	17.1.1t.x
cisco / ios_xe	17.2.1a	17.2.1a.x
cisco / ios_xe	17.2.1v	17.2.1v.x
cisco / ios_xe	16.12.1z	16.12.1z.x
cisco / ios_xe	16.12.3s	16.12.3s.x
cisco / ios_xe	17.2.1r	17.2.1r.x
cisco / ios_xe	17.1.2	17.1.2.x
cisco / ios_xe	17.2.2	17.2.2.x
cisco / ios_xe	16.12.1za	16.12.1za.x
cisco / ios_xe	17.2.3	17.2.3.x
cisco / ios_xe	16.9.6	16.9.6.x
cisco / ios	15.2(7)e2b	15.2(7)e2b.x
cisco / ios	15.2(7)e2a	15.2(7)e2a.x
cisco / ios_xe	3.11.3ae	3.11.3ae.x
cisco / ios	15.1(3)svr2	15.1(3)svr2.x
cisco / ios	15.1(3)svr3	15.1(3)svr3.x
cisco / ios	15.1(3)svs1	15.1(3)svs1.x
cisco / ios	15.2(7)e3	15.2(7)e3.x
cisco / ios_xe	3.11.2ae	3.11.2ae.x
cisco / ios	15.2(7)e2	15.2(7)e2.x
cisco / ios_xe	3.11.2e	3.11.2e.x
cisco / ios	15.2(7)e3k	15.2(7)e3k.x

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc

Vulnerability Database

289,599

CVE-2021-1391