CVE-2021-1134 HIGH

CVE-2021-1134: Cisco DNA Center Certificate Validation Vulnerability

Vendor Cisco
Product Cisco Digital Network Architecture Center (DNA Center)
Weakness CWE-295
Published June 29, 2021
Last update November 7, 2024

CVSS base score

7.4/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

What the vulnerability does

01Description

A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to an incomplete validation of the X.509 certificate used when establishing a connection between DNA Center and an ISE server. An attacker could exploit this vulnerability by supplying a crafted certificate and could then intercept communications between the ISE and DNA Center. A successful exploit could allow the attacker to view and alter sensitive information that the ISE maintains about clients that are connected to the network.

Key dates

02Disclosure timeline

June 29, 2021 CVE published
November 7, 2024 Record updated