CVE-2021-1558

🗓️ 22 May 2021 06:40:44Reported by ciscoType

Cisco DNA Spaces Connector has multiple vulnerabilities allowing local attacker to elevate privileges and execute arbitrary commands

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability in the web interface for managing application data collection and aggregation from Cisco DNA Spaces Connector controllers and access points arises from the lack of measures to neutralize special elements used in the operating system’s command set. This allows attackers to enhance their privileges and execute arbitrary commands.	24 May 202100:00	–	bdu_fstec
Cisco	Cisco DNA Spaces Connector Privilege Escalation Vulnerabilities	19 May 202116:00	–	cisco
CNNVD	Cisco DNA Spaces Connector 操作系统命令注入漏洞	20 May 202100:00	–	cnnvd
CNVD	Cisco DNA Spaces OS Command Injection Vulnerability (CNVD-2021-37121)	24 May 202100:00	–	cnvd
Cvelist	CVE-2021-1558 Cisco DNA Spaces Connector Privilege Escalation Vulnerabilities	22 May 202106:40	–	cvelist
EUVD	EUVD-2021-7025	3 Oct 202520:07	–	euvd
NVD	CVE-2021-1558	22 May 202107:15	–	nvd
OSV	CVE-2021-1558	22 May 202107:15	–	osv
Prion	Design/Logic Flaw	22 May 202107:15	–	prion
Vulnrichment	CVE-2021-1558 Cisco DNA Spaces Connector Privilege Escalation Vulnerabilities	22 May 202106:40	–	vulnrichment

NVD

Node

cisco dna_spaces:_connectorRange<2.3.1

[
  {
    "product": "Cisco DNA Spaces Connector",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnasp-conn-prvesc-q6T6BzW

21 Nov 2024 05:44Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.16 - 6.7

CVSS 27.2

EPSS0.00069

SSVC

CWE-78