CVE-2021-1361

Name of the Vulnerable Software and Affected Versions Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode (affected versions not specified)

Description A vulnerability in the implementation of an internal file management service could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. This issue exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests. An attacker could exploit this by sending crafted TCP packets to an IP address configured on a local interface on TCP port 9075. A successful exploit could allow the attacker to create, delete, or overwrite arbitrary files, including sensitive files related to the device configuration, such as adding a user account without the device administrator's knowledge.

Recommendations For Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode, consider applying the software updates released by Cisco that address this vulnerability. As a temporary workaround, restrict access to TCP port 9075 to minimize the risk of exploitation. Additionally, consider implementing the workarounds provided by Cisco to address this vulnerability.