CVE-2021-1392
HIGH
Cisco IOS and IOS XE - Authenticated Password Exposure via CIP Security Command
Title source: llmDescription
A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device. The precondition is a low-privilege CLI login on the device itself, which is why the CVSS vector below records Attack Vector LOCAL and Privileges Required LOW even though the resulting reconfiguration happens over CIP.
References (1)
Core References
Vendor Advisory (x_refsource_cisco)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-SAP-OPLbze68
Scores
CVSS v3
7.8
EPSS
0.0003
EPSS Percentile
9.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-522
Status
published
Products (50)
cisco/ios 15.0(1)ey
cisco/ios 15.0(1)ey1
cisco/ios 15.0(1)ey2
cisco/ios 15.1(3)svs
cisco/ios 15.1(3)svt1
cisco/ios 15.2(1)ey
cisco/ios 15.2(2)e
cisco/ios 15.2(2)e1
cisco/ios 15.2(2)e2
cisco/ios 15.2(2)e3
... and 40 more
Published
Mar 24, 2021
Tracked Since
Feb 18, 2026