CVE-2021-1145 – A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers …

13 January 2021

Vuln ID: CVE-2021-1145

Published: 2021-01-13 22:15:14Z

Description: A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device.

Source: NVD.NIST.GOV

Date:

13 January 2021

Categorie(s):

NVD

Tag(s):

NVD

11% of Cybersecurity Teams Have Zero Women25 April 2024
56% of cyber insurance claims originate in the email inbox25 April 2024
The end of non-compete agreements is a tech job earthquake25 April 2024
Anatomy IT’s new Security Suite targets healthcare cybersecurity threats, improves incident response25 April 2024
Innovating at the Edge of Technology with Kerem Koca, CEO of BlueCloud25 April 2024