How severe is CVE-2021-1381?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2021-1381?

This is classified as CWE-489, which is a common weakness in software security.

CVE-2021-1381 - MEDIUM Severity | CVSS 6.1

Vulnerability Description

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging console. The vulnerability is due to insufficient command authorization restrictions. An attacker could exploit this vulnerability by running commands on the hardware platform to open a debugging console. A successful exploit could allow the attacker to access a debugging console.

Related Vulnerabilities

CVE-2021-23861

MEDIUM

CVSS:6.5(Medium)

By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. ...

CWE-4892021

CVE-2022-26023

MEDIUM

CVSS:6.5(Medium)

A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security fea...

CWE-4892022

CVE-2022-28689

MEDIUM

CVSS:6.5(Medium)

A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An ...

CWE-4892022

CVE-2022-29888

MEDIUM

CVSS:6.5(Medium)

A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion....

CWE-4892022

CVE-2023-4227

MEDIUM

CVSS:6.5(Medium)

A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to t...

CWE-4892023

CVE-2023-21496

MEDIUM

CVSS:5.5(Medium)

Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.

CWE-4892023