Vulnerability Description
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wap125 Firmware | <= 1.0.3.1 |
| Cisco | Wap125 | - |
| Cisco | Wap131 Firmware | <= 1.0.2.17 |
| Cisco | Wap131 | - |
| Cisco | Wap150 Firmware | <= 1.1.2.4 |
| Cisco | Wap150 | - |
| Cisco | Wap351 Firmware | <= 1.0.2.17 |
| Cisco | Wap351 | - |
| Cisco | Wap361 Firmware | <= 1.1.2.4 |
| Cisco | Wap361 | - |
| Cisco | Wap581 Firmware | <= 1.0.3.1 |
| Cisco | Wap581 | - |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN71263107/index.htmlThird Party Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sVendor Advisory
- http://jvn.jp/en/jp/JVN71263107/index.htmlThird Party Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sVendor Advisory
FAQ
What is CVE-2021-1400?
CVE-2021-1400 is a vulnerability with a CVSS score of 8.8 (HIGH). Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain s...
How severe is CVE-2021-1400?
CVE-2021-1400 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1400?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wap125 Firmware, Cisco Wap125, Cisco Wap131 Firmware, Cisco Wap131, Cisco Wap150 Firmware.