How To Fix CVE-2021-1577- A Critical Arbitrary File Read And Write Vulnerability In Cisco APIC


Cisco has published advisory for one critical severity, one high severity vulnerability, and two medium severity vulnerabilities in Cisco APIC (Application Policy Infrastructure Controller). Successful exploitation of the vulnerabilities could allow attackers to take over the vulnerable Cisco appliances. The flaw CVE-2021-1577 with a base score of 9.1 is the most critical vulnerability among the four, which allows unauthenticated, remote attackers to read or write arbitrary files on an affected system. We recommend all the owners of Cisco and cloud APIC app read this post that tells how to fix CVE-2021-1577- A Critical Arbitrary File Read and Write Vulnerability in Cisco APIC.

List Of Other Vulnerabilities Disclosed In Cisco APIC And Cloud APIC:

Four vulnerabilities uncovered in Cisco APIC and Cloud APIC are:

Summary Of CVE-2021-1577:

This is the most critical vulnerability of the four with a CVSS score of 9.1. This vulnerability allows unauthenticated, remote attackers to read or write arbitrary files on an affected system. The flaw is due to improper validation of user access control in the Application Policy Infrastructure Controller (APIC). It affects both prim and cloud versions of APIC. This is an easily exploitable flaw. Attackers can exploit the flaw just by uploading a file to an affected device.

Associated CVE ID CVE-2021-1577
Description A Critical Arbitrary File Read and Write Vulnerability in Cisco APIC
Associated ZDI ID
CVSS Score 9.1 Critical
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Impact Score
Exploitability Score
Attack Vector (AV) Network
Attack Complexity (AC) Low
Privilege Required (PR) None
User Interaction (UI) None
Scope Unchanged
Confidentiality (C) High
Integrity (I) High
availability (a) None

Cisco Products Affected By CVE-2021-1577:

The flaw affects all the versions that are less than and equal to 5.1. It affects both on prim and cloud versions of APIC.

See also  What is a Clipboard Injector Malware? And, How Does Clipboard Injector Malware Targets Crypto Users?

How To Fix CVE-2021-1577- A Critical Arbitrary File Read And Write Vulnerability In Cisco APIC?

Cisco published the fixed version of APIC in its advisory. As per the advisory, version 5.2 and later are not vulnerable to the Arbitrary File Read and Write vulnerability. We recommend all the users of the affected devices update the Cisco APIC to the latest available version as Cisco has acknowledged the vulnerability by releasing the free software updates. Please refer to the below table that shows the required actions to take on the different versions of APIC.

Cisco APIC or Cisco Cloud APIC Software Release First Fixed Release
Earlier than 3.2 Migrate to a fixed release.
3.2 3.2(10e)
4.0 Migrate to a fixed release.
4.1 Migrate to a fixed release.
4.2 4.2(6h)
5.0 Migrate to a fixed release.
5.1 5.1(3e)
5.2 Not vulnerable.

How to Upgrade Cisco APSI?

 

See Also How To Fix The New OMI Vulnerabilities Target Linux VMs On Azure Environment?

You can refer to these online docs from Cisco to upgrade your APICs. The biggest concern most of the uses have is the upgradation path and the process. It’s tricky and hard to make the decision as to which version to upgrade. The code selection process can get even more complex if you have dependencies such as AVE (ACI Virtual Edge), AVS (ACI Virtual Switch, or the ACI MSO (Multi-Site Orchestrator).

To help users, Cisco has developed an online tool ‘Cisco APIC Software Upgrade/Downgrade Support Matrix’. This tool helps you provide upgrade and downgrade information such as the recommended path to upgrade or downgrade, the procedure to upgrade or downgrade, caveats, recommended software release, software no longer supported, open bugs of the target, and current release. This feature makes it a unique and must-have tool for those who plan either upgrade or downgrade the APIC.

See also  How To Fix CVE-2021-43304(5)- Heap Buffer Overflow Vulnerabilities In ClickHouse Database Management System

All you need to choose the from and to release that’s it. If you want to upgrade 5.2(4) from 4.0, select the from and to versions.

Leave a Reply

Your email address will not be published. Required fields are marked *