CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-1560

Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, remote attacker to perform a command injection attack on an affected device. These vulnerabilities are due to insufficient input sanitization when executing affected commands. A high-privileged attacker could exploit these vulnerabilities on a Cisco DNA Spaces Connector by injecting crafted input during command execution. A successful exploit could allow the attacker to execute arbitrary commands as root within the Connector docker container.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.026

EPSS Ranking 84.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 9.0

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnasp-conn-cmdinj-HOj4YV5n
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnasp-conn-cmdinj-HOj4YV5n

Products affected by CVE-2021-1560

Cisco » Dna Spaces » Version: _connector

cpe:2.3:a:cisco:dna_spaces:_connector

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1560

Products

Pricing

Contact Us