VDB
CVE-2021-1473
CVE-2021-1473
PUBLISHED
CVSS 5.300000190734863 MEDIUM
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
EPSS 91.07% · 99.7th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
91.07%
99.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Small Business | |
| cisco | rv340_firmware | 0 |
| Cisco | ClamAV | |
| cisco | rv340w_firmware | 0 |
| Cisco | Unity Connection | |
| Cisco | Cisco Small Business RV Series Router Firmware | n/a |
| cisco | rv345_firmware | 0 |
| cisco | rv345p_firmware | 0 |
| Cisco | N/A | |
| Cisco | SD-WAN vManage |
Exploit Intelligence
- http://packetstormsecurity.com/files/162238/Cisco-RV-Authentication-Bypass-Code-Execution.html (nist-nvd)
- CIRCL seen: CVE-2021-1473 (circl-sighting)
- CIRCL seen: CVE-2021-1473 (circl-sighting)
- CIRCL seen: CVE-2021-1473 (circl-sighting)
- 20210407 Cisco Small Business RV Series Routers Vulnerabilities (circl)
- 20210419 [CVE-2021-1472/CVE-2021-1473] Cisco RV Series Authentication Bypass and Remote Command Execution (circl)
- Cisco Small Business RV Series Authentication Bypass / Command Injection Exploit (0day-today)
- Cisco Small Business RV Series Authentication Bypass / Command Injection Exploit (0day-today)
- Cisco RV Authentication Bypass / Code Execution Vulnerability (0day-today)
- Cisco RV Authentication Bypass / Code Execution Vulnerability (0day-today)
Timeline
- Apr 8, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Apr 20, 2021 PoC Published
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 1, 2022 PoC Published
- Feb 1, 2022 PoC Published
- Feb 2, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-bypass-inject-Rbhgvfdx advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-multi-lldp-u7e4chCe advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm advisory
- 20210419 [CVE-2021-1472/CVE-2021-1473] Cisco RV Series Authentication Bypass and Remote Command Execution mailing-list
- http://packetstormsecurity.com/files/162238/Cisco-RV-Authentication-Bypass-Code-Execution.html url
- https://nvd.nist.gov/vuln/detail/CVE-2021-1473 advisory