cisco-sa-iox-pt-hWGcPf7g

Cisco IOx Application Environment Path Traversal Vulnerability

cisco-sa-iox-pt-hWGcPf7g · Medium · Published 5 years ago · Updated 5 years ago

A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write files on the underlying operating system or host system. This vulnerability occurs because the device does not properly validate URIs in IOx API requests. An attacker could exploit this vulnerability by sending a crafted API request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-pt-hWGcPf7g

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

Cisco recommends that customers who do not want to use the Cisco IOx application hosting environment can mitigate this vulnerability by disabling IOx permanently on the device by using the no iox configuration command.

While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.

CVEs	CVE-2021-1385
Cisco Bug IDs	CSCvx21776, CSCvw64810, CSCvx21783
CVSS Score	Base 6.5 Base 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source	Cisco CGR1000 Compute Module, Cisco IOS 15.8(3)M3, Cisco IOS 15.8(3)M2a, Cisco IOS 15.8(3)M4, Cisco IOS 15.8(3)M5, Cisco IOS 15.8(3)M6, Cisco IOS 15.9(3)M, Cisco IOS 15.9(3)M1, Cisco IOS 15.9(3)M2, Cisco IOS 15.9(3)M3, Cisco IOS 15.9(3)M2a, Cisco IOS XE Software 16.11.1, Cisco IOS XE Software 16.11.1a, Cisco IOS XE Software 16.11.1b, Cisco IOS XE Software 16.11.2, Cisco IOS XE Software 16.11.1s, Cisco IOS XE Software 16.11.1c, Cisco IOS XE Software 16.12.1, Cisco IOS XE Software 16.12.1s, Cisco IOS XE Software 16.12.1a, Cisco IOS XE Software 16.12.1c, Cisco IOS XE Software 16.12.1w, Cisco IOS XE Software 16.12.2, Cisco IOS XE Software 16.12.1y, Cisco IOS XE Software 16.12.2a, Cisco IOS XE Software 16.12.3, Cisco IOS XE Software 16.12.2s, Cisco IOS XE Software 16.12.1x, Cisco IOS XE Software 16.12.1t, Cisco IOS XE Software 16.12.2t, Cisco IOS XE Software 16.12.4, Cisco IOS XE Software 16.12.3s, Cisco IOS XE Software 16.12.1z, Cisco IOS XE Software 16.12.3a, Cisco IOS XE Software 16.12.4a, Cisco IOS XE Software 16.12.5, Cisco IOS XE Software 16.12.1z1, Cisco IOS XE Software 16.12.1z2, Cisco IOS XE Software 17.1.1, Cisco IOS XE Software 17.1.1a, Cisco IOS XE Software 17.1.1s, Cisco IOS XE Software 17.1.2, Cisco IOS XE Software 17.1.1t, Cisco IOS XE Software 17.1.3, Cisco IOS XE Software 17.2.1, Cisco IOS XE Software 17.2.1r, Cisco IOS XE Software 17.2.1a, Cisco IOS XE Software 17.2.1v, Cisco IOS XE Software 17.2.2, Cisco IOS XE Software 17.3.1, Cisco IOS XE Software 17.3.2, Cisco IOS XE Software 17.3.1a, Cisco IOS XE Software 17.3.1w, Cisco IOS XE Software 17.3.2a, Cisco IOS XE Software 17.3.1x, Cisco IOS XE Software 17.4.1, Cisco IOS XE Software 17.4.1a, Cisco IOS XE Software 17.4.1b, Cisco IOS XE Software 17.4.1c, Cisco IOS XE Software 17.11.99SW, Cisco IOS XE Software

CSAF Product Statuses

Product	Status	Source	CVE	Rows
15.8(3)M2a	known_affected	cisco_csaf	CVE-2021-1385	1
15.8(3)M3	known_affected	cisco_csaf	CVE-2021-1385	1
15.8(3)M4	known_affected	cisco_csaf	CVE-2021-1385	1
15.8(3)M5	known_affected	cisco_csaf	CVE-2021-1385	1
15.8(3)M6	known_affected	cisco_csaf	CVE-2021-1385	1
15.9(3)M	known_affected	cisco_csaf	CVE-2021-1385	1
15.9(3)M1	known_affected	cisco_csaf	CVE-2021-1385	1
15.9(3)M2	known_affected	cisco_csaf	CVE-2021-1385	1
15.9(3)M2a	known_affected	cisco_csaf	CVE-2021-1385	1
15.9(3)M3	known_affected	cisco_csaf	CVE-2021-1385	1
16.11.1	known_affected	cisco_csaf	CVE-2021-1385	1
16.11.1a	known_affected	cisco_csaf	CVE-2021-1385	1

Showing 12 of 60 CSAF status groups; 48 more not shown.

Related Products

Product	CVE	Evidence
Cisco Catalyst 9300 Series Switches	CVE-2021-1385	Cisco OpenVuln · software-dependent
Cisco CGR1000 Compute Module	CVE-2021-1385	Cisco OpenVuln
Cisco IOS XE Software	CVE-2021-1385	Cisco OpenVuln
Cisco IOx	CVE-2021-1385	Cisco OpenVuln
Cisco IOS	CVE-2021-1385	Cisco OpenVuln
Cisco Catalyst 9200 Series Switches	CVE-2021-1385	Cisco OpenVuln · software-dependent
Cisco Catalyst 9400 Series Switches	CVE-2021-1385	Cisco OpenVuln · software-dependent
Cisco Catalyst 9500 Series Switches	CVE-2021-1385	Cisco OpenVuln · software-dependent
Cisco Catalyst 9600 Series Switches	CVE-2021-1385	Cisco OpenVuln · software-dependent
Cisco 1000 Series Connected Grid Routers	CVE-2021-1385	Cisco OpenVuln
Cisco IOS Software	CVE-2021-1385	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco IOx Application Environment Path Traversal Vulnerability

Workarounds

CSAF Product Statuses

Related Products