cisco web-security-appliance CVE-2021-1359 vulnerability in Cisco Products
Published on July 8, 2021

Cisco Web Security Appliance Privilege Escalation Vulnerability
A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2021-1359 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
LOW
Availability Impact:
LOW

Weakness Type

Missing XML Validation

The software accepts XML from an untrusted source but does not validate the XML against the proper schema. Most successful attacks begin with a violation of the programmer's assumptions. By accepting an XML document without validating it against a DTD or XML schema, the programmer leaves a door open for attackers to provide unexpected, unreasonable, or malicious input.


Products Associated with CVE-2021-1359

stack.watch emails you whenever new vulnerabilities are published in Cisco Web Security Appliance or Cisco Asyncos. Just hit a watch button to start following.

Cisco Web Security Appliance
 
Cisco Asyncos
 

Affected Versions

Cisco Web Security Appliance (WSA) Version n/a is affected by CVE-2021-1359

Exploit Probability

EPSS
1.18%
Percentile
78.44%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.