HIGH✓ PATCH🇬🇧 English

CVE-2021-1219

CVSS 7.8v3.1pub. 2021-01-20upd. 2024-11-21

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by gaining access to the static credential that is stored on the local device. A successful exploit could allow the attacker to view static credentials, which the attacker could use to carry out further attacks.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Cisco Smart Software Manager On Prem

    APP
    Cisco
    ≤ 5.1.0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2026-20160CRITICAL9.8PL ✓ten sam produkt

RCE z uprawnieniami root w Cisco Smart Software Manager On-Prem

CVE-2024-20419CRITICAL10.0PL ✓ten sam produkt

Cisco SSM On-Prem: nieuwierzytelniona zmiana hasła dowolnego użytkownika

CVE-2020-3158CRITICAL9.1ten sam produkt

A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an u...

CVE-2019-16029CRITICAL9.1ten sam produkt

A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could a...

CVE-2022-20808HIGH7.7ten sam produkt

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote att...

CVE-2021-1219 — HIGH 7.8 | CVEbaza.pl