All the vulnerabilites related to cisco - vedge_100
cve-2020-3264
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:33
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2 | vendor-advisory, x_refsource_CISCO | |
| https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3264",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:24:47.957877Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:33:22.406Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-22T15:59:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r"
}
],
"source": {
"advisory": "cisco-sa-sdwanbo-QKcABnS2",
"defect": [
[
"CSCvs47117"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Buffer Overflow Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-03-18T16:00:00-0700",
"ID": "CVE-2020-3264",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Buffer Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.1",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200318 Cisco SD-WAN Solution Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2"
},
{
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r",
"refsource": "MISC",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r"
}
]
},
"source": {
"advisory": "cisco-sa-sdwanbo-QKcABnS2",
"defect": [
[
"CSCvs47117"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3264",
"datePublished": "2020-03-19T15:35:22.750436Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:33:22.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3401
Vulnerability from cvelistv5
Published
2020-07-16 17:22
Modified
2024-11-13 18:19
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN vManage |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200715 Cisco SD-WAN vManage Software Path Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3401",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:25:15.911345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:19:34.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vManage",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-16T17:22:23",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200715 Cisco SD-WAN vManage Software Path Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3"
}
],
"source": {
"advisory": "cisco-sa-vmandowndir-CVGvdKM3",
"defect": [
[
"CSCvt74757"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN vManage Software Path Traversal Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-15T16:00:00",
"ID": "CVE-2020-3401",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN vManage Software Path Traversal Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200715 Cisco SD-WAN vManage Software Path Traversal Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3"
}
]
},
"source": {
"advisory": "cisco-sa-vmandowndir-CVGvdKM3",
"defect": [
[
"CSCvt74757"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3401",
"datePublished": "2020-07-16T17:22:23.560326Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:19:34.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3379
Vulnerability from cvelistv5
Published
2020-07-16 17:21
Modified
2024-11-15 16:53
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200715 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:27:14.185694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:53:01.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-16T17:21:50",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200715 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC"
}
],
"source": {
"advisory": "cisco-sa-vmpresc-SyzcS4kC",
"defect": [
[
"CSCvi69987"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Software Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-15T16:00:00",
"ID": "CVE-2020-3379",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Software Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200715 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC"
}
]
},
"source": {
"advisory": "cisco-sa-vmpresc-SyzcS4kC",
"defect": [
[
"CSCvi69987"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3379",
"datePublished": "2020-07-16T17:21:51.004104Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T16:53:01.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1514
Vulnerability from cvelistv5
Published
2021-05-06 12:50
Modified
2024-11-08 23:16
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210505 Cisco SD-WAN Software Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1514",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:43:46.352944Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:16:58.110Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T12:50:58",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210505 Cisco SD-WAN Software Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy"
}
],
"source": {
"advisory": "cisco-sa-sdwan-privesc-QVszVUPy",
"defect": [
[
"CSCvi69989"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Software Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-05-05T16:00:00",
"ID": "CVE-2021-1514",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Software Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.4",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210505 Cisco SD-WAN Software Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-privesc-QVszVUPy",
"defect": [
[
"CSCvi69989"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1514",
"datePublished": "2021-05-06T12:50:58.964834Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:16:58.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1546
Vulnerability from cvelistv5
Published
2021-09-23 02:30
Modified
2024-11-07 21:52
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco SD-WAN Software Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1546",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:40:31.262640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:52:24.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:30:18",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco SD-WAN Software Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX"
}
],
"source": {
"advisory": "cisco-sa-sd-wan-Fhqh8pKX",
"defect": [
[
"CSCvx79335"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Software Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-1546",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Software Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco SD-WAN Software Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX"
}
]
},
"source": {
"advisory": "cisco-sa-sd-wan-Fhqh8pKX",
"defect": [
[
"CSCvx79335"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1546",
"datePublished": "2021-09-23T02:30:18.696150Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T21:52:24.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-16012
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:33
Severity ?
EPSS score ?
Summary
A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco vManage Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:03:32.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution vManage SQL Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-16012",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:29:04.089098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:33:02.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco vManage Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-19T15:35:27",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution vManage SQL Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject"
}
],
"source": {
"advisory": "cisco-sa-20200318-vmanage-cypher-inject",
"defect": [
[
"CSCvr42496",
"CSCvs49675"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution vManage SQL Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-03-18T16:00:00-0700",
"ID": "CVE-2019-16012",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution vManage SQL Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco vManage Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.4",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200318 Cisco SD-WAN Solution vManage SQL Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject"
}
]
},
"source": {
"advisory": "cisco-sa-20200318-vmanage-cypher-inject",
"defect": [
[
"CSCvr42496",
"CSCvs49675"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-16012",
"datePublished": "2020-03-19T15:35:27.699415Z",
"dateReserved": "2019-09-06T00:00:00",
"dateUpdated": "2024-11-15T17:33:02.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3180
Vulnerability from cvelistv5
Published
2020-07-16 17:20
Modified
2024-11-15 16:56
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN vManage |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200715 Cisco SD-WAN Solution Software Static Credentials Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:23:24.662312Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:56:01.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vManage",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-16T17:20:38",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200715 Cisco SD-WAN Solution Software Static Credentials Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj"
}
],
"source": {
"advisory": "cisco-sa-sdscred-HfWWfqBj",
"defect": [
[
"CSCvi59720",
"CSCvi85074"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Software Static Credentials Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-15T16:00:00",
"ID": "CVE-2020-3180",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Software Static Credentials Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.4",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200715 Cisco SD-WAN Solution Software Static Credentials Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj"
}
]
},
"source": {
"advisory": "cisco-sa-sdscred-HfWWfqBj",
"defect": [
[
"CSCvi59720",
"CSCvi85074"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3180",
"datePublished": "2020-07-16T17:20:38.219927Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T16:56:01.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3351
Vulnerability from cvelistv5
Published
2020-07-16 17:21
Modified
2024-11-15 16:54
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200715 Cisco SD-WAN Solution Software Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:21:03.583855Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:54:26.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-16T17:21:19",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200715 Cisco SD-WAN Solution Software Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB"
}
],
"source": {
"advisory": "cisco-sa-sdw-dos-KWOdyHnB",
"defect": [
[
"CSCvj14805"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Software Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-15T16:00:00",
"ID": "CVE-2020-3351",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Software Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200715 Cisco SD-WAN Solution Software Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB"
}
]
},
"source": {
"advisory": "cisco-sa-sdw-dos-KWOdyHnB",
"defect": [
[
"CSCvj14805"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3351",
"datePublished": "2020-07-16T17:21:19.642695Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T16:54:26.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1646
Vulnerability from cvelistv5
Published
2019-01-24 15:00
Modified
2024-11-20 17:28
Severity ?
EPSS score ?
Summary
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/106723 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190123 Multiple Privilege Escalation Vulnerabilities in Cisco SD-WAN Solution",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal"
},
{
"name": "106723",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106723"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1646",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:56:07.335389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:28:59.001Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-26T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190123 Multiple Privilege Escalation Vulnerabilities in Cisco SD-WAN Solution",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal"
},
{
"name": "106723",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106723"
}
],
"source": {
"advisory": "cisco-sa-20190123-sdwan-escal",
"defect": [
[
"CSCvm25992",
"CSCvm26016",
"CSCvm26025",
"CSCvm26033",
"CSCvm26036"
]
],
"discovery": "INTERNAL"
},
"title": "Privilege Escalation Vulnerability in Cisco SD-WAN Solution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-01-23T16:00:00-0800",
"ID": "CVE-2019-1646",
"STATE": "PUBLIC",
"TITLE": "Privilege Escalation Vulnerability in Cisco SD-WAN Solution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190123 Multiple Privilege Escalation Vulnerabilities in Cisco SD-WAN Solution",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal"
},
{
"name": "106723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106723"
}
]
},
"source": {
"advisory": "cisco-sa-20190123-sdwan-escal",
"defect": [
[
"CSCvm25992",
"CSCvm26016",
"CSCvm26025",
"CSCvm26033",
"CSCvm26036"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1646",
"datePublished": "2019-01-24T15:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:28:59.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1511
Vulnerability from cvelistv5
Published
2021-05-06 12:42
Modified
2024-11-08 23:19
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN vEdge router |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:17:40.485745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:19:01.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vEdge router",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T12:42:07",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"source": {
"advisory": "cisco-sa-sdwan-buffover-MWGucjtO",
"defect": [
[
"CSCvt11545",
"CSCvu28407",
"CSCvu28442"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-05-05T16:00:00",
"ID": "CVE-2021-1511",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vEdge router",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-buffover-MWGucjtO",
"defect": [
[
"CSCvt11545",
"CSCvu28407",
"CSCvu28442"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1511",
"datePublished": "2021-05-06T12:42:07.424396Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:19:01.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20930
Vulnerability from cvelistv5
Published
2022-09-30 18:46
Modified
2024-11-01 18:50
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN vManage |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:57.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220928 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20930",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:42:16.371547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T18:50:04.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vManage",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-30T18:46:47",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220928 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu"
}
],
"source": {
"advisory": "cisco-sa-sdwan-privesc-cli-xkGwmqKu",
"defect": [
[
"CSCvz46392"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Software Arbitrary File Corruption Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T23:00:00",
"ID": "CVE-2022-20930",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Software Arbitrary File Corruption Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-88"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-privesc-cli-xkGwmqKu",
"defect": [
[
"CSCvz46392"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20930",
"datePublished": "2022-09-30T18:46:47.422178Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-01T18:50:04.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1509
Vulnerability from cvelistv5
Published
2021-05-06 12:41
Modified
2024-11-08 23:19
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN vEdge router |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:17:52.723369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:19:20.241Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vEdge router",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T12:41:58",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"source": {
"advisory": "cisco-sa-sdwan-buffover-MWGucjtO",
"defect": [
[
"CSCvt11545",
"CSCvu28407",
"CSCvu28442"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-05-05T16:00:00",
"ID": "CVE-2021-1509",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vEdge router",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-buffover-MWGucjtO",
"defect": [
[
"CSCvt11545",
"CSCvu28407",
"CSCvu28442"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1509",
"datePublished": "2021-05-06T12:41:58.360018Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:19:20.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1512
Vulnerability from cvelistv5
Published
2021-05-06 12:42
Modified
2024-11-08 23:18
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.770Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210505 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1512",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:44:02.972032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:18:51.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T12:42:11",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210505 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn"
}
],
"source": {
"advisory": "cisco-sa-sdwan-arbfile-7Qhd9mCn",
"defect": [
[
"CSCvs98457"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Software Arbitrary File Corruption Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-05-05T16:00:00",
"ID": "CVE-2021-1512",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Software Arbitrary File Corruption Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.4",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210505 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-arbfile-7Qhd9mCn",
"defect": [
[
"CSCvs98457"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1512",
"datePublished": "2021-05-06T12:42:11.741571Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:18:51.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1528
Vulnerability from cvelistv5
Published
2021-06-04 16:45
Modified
2024-11-07 22:09
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210602 Cisco SD-WAN Software Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1528",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:49.366641Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:09:53.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-04T16:45:40",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210602 Cisco SD-WAN Software Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF"
}
],
"source": {
"advisory": "cisco-sa-sd-wan-fuErCWwF",
"defect": [
[
"CSCvx49259"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Software Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-06-02T16:00:00",
"ID": "CVE-2021-1528",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Software Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210602 Cisco SD-WAN Software Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF"
}
]
},
"source": {
"advisory": "cisco-sa-sd-wan-fuErCWwF",
"defect": [
[
"CSCvx49259"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1528",
"datePublished": "2021-06-04T16:45:40.937983Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:09:53.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-16010
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:32
Severity ?
EPSS score ?
Summary
A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco vManage Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:03:32.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-16010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:29:02.425299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:32:45.849Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco vManage Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-19T15:35:32",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss"
}
],
"source": {
"advisory": "cisco-sa-20200318-vmanage-xss",
"defect": [
[
"CSCvs09263"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-03-18T16:00:00-0700",
"ID": "CVE-2019-16010",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco vManage Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200318 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss"
}
]
},
"source": {
"advisory": "cisco-sa-20200318-vmanage-xss",
"defect": [
[
"CSCvs09263"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-16010",
"datePublished": "2020-03-19T15:35:33.014377Z",
"dateReserved": "2019-09-06T00:00:00",
"dateUpdated": "2024-11-15T17:32:45.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3372
Vulnerability from cvelistv5
Published
2020-07-16 17:21
Modified
2024-11-15 16:53
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN vManage |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200715 Cisco SD-WAN vManage Software Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3372",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:27:16.956845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:53:24.469Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vManage",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-16T17:21:41",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200715 Cisco SD-WAN vManage Software Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ"
}
],
"source": {
"advisory": "cisco-sa-emvman-3y6LuTcZ",
"defect": [
[
"CSCvo08423",
"CSCvs21703",
"CSCvt69529"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN vManage Software Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-15T16:00:00",
"ID": "CVE-2020-3372",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN vManage Software Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200715 Cisco SD-WAN vManage Software Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ"
}
]
},
"source": {
"advisory": "cisco-sa-emvman-3y6LuTcZ",
"defect": [
[
"CSCvo08423",
"CSCvs21703",
"CSCvt69529"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3372",
"datePublished": "2020-07-16T17:21:42.057524Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T16:53:24.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0433
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:44
Severity ?
EPSS score ?
Summary
A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105295 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:09.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105295"
},
{
"name": "20180905 Cisco SD-WAN Solution Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T18:51:43.238664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T14:44:07.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-07T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "105295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105295"
},
{
"name": "20180905 Cisco SD-WAN Solution Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection"
}
],
"source": {
"advisory": "cisco-sa-20180905-sd-wan-injection",
"defect": [
[
"CSCvi69802",
"CSCvi69903"
]
],
"discovery": "UNKNOWN"
},
"title": "Cisco SD-WAN Solution Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2018-09-05T16:00:00-0500",
"ID": "CVE-2018-0433",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges."
}
]
},
"impact": {
"cvss": {
"baseScore": "7.8",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105295"
},
{
"name": "20180905 Cisco SD-WAN Solution Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection"
}
]
},
"source": {
"advisory": "cisco-sa-20180905-sd-wan-injection",
"defect": [
[
"CSCvi69802",
"CSCvi69903"
]
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0433",
"datePublished": "2018-10-05T14:00:00Z",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-26T14:44:07.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1650
Vulnerability from cvelistv5
Published
2019-01-24 15:00
Modified
2024-11-20 17:28
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106716 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106716"
},
{
"name": "20190123 Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:56:03.197418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:28:27.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-25T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "106716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106716"
},
{
"name": "20190123 Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write"
}
],
"source": {
"advisory": "cisco-sa-20190123-sdwan-file-write",
"defect": [
[
"CSCvi69862"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-01-23T16:00:00-0800",
"ID": "CVE-2019-1650",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106716"
},
{
"name": "20190123 Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write"
}
]
},
"source": {
"advisory": "cisco-sa-20190123-sdwan-file-write",
"defect": [
[
"CSCvi69862"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1650",
"datePublished": "2019-01-24T15:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:28:27.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0432
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:44
Severity ?
EPSS score ?
Summary
A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105296 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:09.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105296",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105296"
},
{
"name": "20180905 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T18:51:45.638340Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T14:44:21.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-07T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "105296",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105296"
},
{
"name": "20180905 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation"
}
],
"source": {
"advisory": "cisco-sa-20180905-sd-wan-escalation",
"defect": [
[
"CSCvi69801"
]
],
"discovery": "UNKNOWN"
},
"title": "Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2018-09-05T16:00:00-0500",
"ID": "CVE-2018-0432",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device."
}
]
},
"impact": {
"cvss": {
"baseScore": "8.8",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105296",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105296"
},
{
"name": "20180905 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation"
}
]
},
"source": {
"advisory": "cisco-sa-20180905-sd-wan-escalation",
"defect": [
[
"CSCvi69801"
]
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0432",
"datePublished": "2018-10-05T14:00:00Z",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-26T14:44:21.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1510
Vulnerability from cvelistv5
Published
2021-05-06 12:42
Modified
2024-11-08 23:19
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN vEdge router |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1510",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:17:50.293104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:19:11.003Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vEdge router",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T12:42:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"source": {
"advisory": "cisco-sa-sdwan-buffover-MWGucjtO",
"defect": [
[
"CSCvt11545",
"CSCvu28407",
"CSCvu28442"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-05-05T16:00:00",
"ID": "CVE-2021-1510",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vEdge router",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-buffover-MWGucjtO",
"defect": [
[
"CSCvt11545",
"CSCvu28407",
"CSCvu28442"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1510",
"datePublished": "2021-05-06T12:42:02.917449Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:19:11.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1513
Vulnerability from cvelistv5
Published
2021-05-06 12:50
Modified
2024-11-08 23:17
Severity ?
EPSS score ?
Summary
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210505 Cisco SD-WAN Software vDaemon Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1513",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:01:28.542164Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:17:08.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T12:50:54",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210505 Cisco SD-WAN Software vDaemon Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW"
}
],
"source": {
"advisory": "cisco-sa-sdwan-dos-Ckn5cVqW",
"defect": [
[
"CSCvu28378"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Software vDaemon Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-05-05T16:00:00",
"ID": "CVE-2021-1513",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Software vDaemon Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210505 Cisco SD-WAN Software vDaemon Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-dos-Ckn5cVqW",
"defect": [
[
"CSCvu28378"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1513",
"datePublished": "2021-05-06T12:50:54.548142Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:17:08.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3266
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:33
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3266",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:24:50.405708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:33:53.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-19T15:35:12",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v"
}
],
"source": {
"advisory": "cisco-sa-sdwclici-cvrQpH9v",
"defect": [
[
"CSCvs47126"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-03-18T16:00:00-0700",
"ID": "CVE-2020-3266",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200318 Cisco SD-WAN Solution Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v"
}
]
},
"source": {
"advisory": "cisco-sa-sdwclici-cvrQpH9v",
"defect": [
[
"CSCvs47126"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3266",
"datePublished": "2020-03-19T15:35:12.582598Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:33:53.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0434
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:43
Severity ?
EPSS score ?
Summary
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/105294 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:10.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180905 Cisco SD-WAN Solution Certificate Validation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation"
},
{
"name": "105294",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105294"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0434",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T18:51:41.912292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T14:43:53.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-07T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20180905 Cisco SD-WAN Solution Certificate Validation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation"
},
{
"name": "105294",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105294"
}
],
"source": {
"advisory": "cisco-sa-20180905-sd-wan-validation",
"defect": [
[
"CSCvi69940"
]
],
"discovery": "UNKNOWN"
},
"title": "Cisco SD-WAN Solution Certificate Validation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2018-09-05T16:00:00-0500",
"ID": "CVE-2018-0434",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Certificate Validation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software."
}
]
},
"impact": {
"cvss": {
"baseScore": "8.1",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180905 Cisco SD-WAN Solution Certificate Validation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation"
},
{
"name": "105294",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105294"
}
]
},
"source": {
"advisory": "cisco-sa-20180905-sd-wan-validation",
"defect": [
[
"CSCvi69940"
]
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0434",
"datePublished": "2018-10-05T14:00:00Z",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-26T14:43:53.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20850
Vulnerability from cvelistv5
Published
2022-09-30 18:46
Modified
2024-11-01 18:50
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:50.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:40:31.320155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T18:50:42.028Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-30T18:46:05",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
}
],
"source": {
"advisory": "cisco-sa-arb-file-delete-VB2rVcQv",
"defect": [
[
"CSCvm25943"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Arbitrary File Deletion Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T16:00:00",
"ID": "CVE-2022-20850",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Arbitrary File Deletion Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
}
]
},
"source": {
"advisory": "cisco-sa-arb-file-delete-VB2rVcQv",
"defect": [
[
"CSCvm25943"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20850",
"datePublished": "2022-09-30T18:46:05.246074Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-01T18:50:42.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1648
Vulnerability from cvelistv5
Published
2019-01-24 15:00
Modified
2024-11-20 17:28
Severity ?
EPSS score ?
Summary
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/106719 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190123 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal"
},
{
"name": "106719",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106719"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:56:04.651892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:28:37.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-26T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190123 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal"
},
{
"name": "106719",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106719"
}
],
"source": {
"advisory": "cisco-sa-20190123-sdwan-sol-escal",
"defect": [
[
"CSCvi69985"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-01-23T16:00:00-0800",
"ID": "CVE-2019-1648",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190123 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal"
},
{
"name": "106719",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106719"
}
]
},
"source": {
"advisory": "cisco-sa-20190123-sdwan-sol-escal",
"defect": [
[
"CSCvi69985"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1648",
"datePublished": "2019-01-24T15:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-20T17:28:37.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3265
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:33
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN Solution |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:24:49.102891Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:33:35.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-19T15:35:17",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200318 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9"
}
],
"source": {
"advisory": "cisco-sa-sdwpresc-ySJGvE9",
"defect": [
[
"CSCvs50619"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-03-18T16:00:00-0700",
"ID": "CVE-2020-3265",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200318 Cisco SD-WAN Solution Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9"
}
]
},
"source": {
"advisory": "cisco-sa-sdwpresc-ySJGvE9",
"defect": [
[
"CSCvs50619"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3265",
"datePublished": "2020-03-19T15:35:17.637643Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:33:35.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3378
Vulnerability from cvelistv5
Published
2020-07-16 17:21
Modified
2024-11-15 16:53
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco SD-WAN vManage |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200715 Cisco SD-WAN vManage Software SQL Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:27:15.444034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:53:12.461Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vManage",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-16T17:21:46",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200715 Cisco SD-WAN vManage Software SQL Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O"
}
],
"source": {
"advisory": "cisco-sa-sivm-M8wugR9O",
"defect": [
[
"CSCvt66733"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN vManage Software SQL Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-15T16:00:00",
"ID": "CVE-2020-3378",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN vManage Software SQL Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.3",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200715 Cisco SD-WAN vManage Software SQL Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O"
}
]
},
"source": {
"advisory": "cisco-sa-sivm-M8wugR9O",
"defect": [
[
"CSCvt66733"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3378",
"datePublished": "2020-07-16T17:21:46.587933Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T16:53:12.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFBD73B-485E-4E85-9BD2-458BF0118A77",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29124AAF-CC72-4B12-B1DE-92B10477805D",
"versionEndExcluding": "19.2.3",
"versionStartIncluding": "19.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web para Cisco SD-WAN vManage Software podr\u00eda permitir a un atacante remoto autenticado afectar la integridad de un sistema afectado mediante una ejecuci\u00f3n de consultas SQL arbitrarias. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de las entradas suministradas por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de entradas dise\u00f1adas que incluyen declaraciones SQL hacia un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante modificar entradas en algunas tablas de la base de datos, afectando la integridad de los datos"
}
],
"id": "CVE-2020-3378",
"lastModified": "2024-11-21T05:30:54.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-16T18:15:18.597",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:38
Severity ?
Summary
A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/105296 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105296 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | vmanage_network_management_system | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA7EC35-E407-451C-A74C-7E56D802B868",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA91A271-08ED-40C9-885B-D2F67BBF2B7E",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35386A93-1EBF-4347-B916-E915D574AF15",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8AC6B8-A07F-4E52-B2D0-F5EC3061060B",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9794CD-0EE1-4203-A232-9365D4AEE837",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la caracter\u00edstica de manejo de errores de Cisco SD-WAN Solution podr\u00eda permitir que un atacante remoto autenticado obtenga privilegios elevados en un dispositivo afectado. La vulnerabilidad se debe a un error a la hora de validar correctamente ciertos par\u00e1metros incluidos en la configuraci\u00f3n de la aplicaci\u00f3n de informe de errores. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un comando manipulado a la caracter\u00edstica de informe de errores. Un exploit exitoso podr\u00eda permitir que el atacante obtenga privilegios de nivel root y obtenga el control total del dispositivo."
}
],
"id": "CVE-2018-0432",
"lastModified": "2024-11-21T03:38:13.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-05T14:29:01.497",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105296"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB1FC04-6D73-42F5-9809-EF03C1394F75",
"versionEndExcluding": "19.2.3",
"versionStartIncluding": "19.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3366F4EC-9DCD-44F8-8430-1B3BA7A9B95F",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D155FE-14C5-4658-A5D4-974DCE7FED4F",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE2C4782-DD4D-4113-A367-13DA609AD5F4",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37F7EB56-340D-46CE-BA4C-34FAE6843830",
"versionEndExcluding": "18.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4006C4-164F-44EA-84BD-C0BBA5EBD59F",
"versionEndExcluding": "20.1.2",
"versionStartIncluding": "20.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "300CB6ED-1ECC-4007-A522-06C07B83ED55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF370668-127C-409B-83FE-293B830D4FB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86317BCD-C9A3-41A3-9BEB-EDAD5428B0DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D2D470-F97D-4B59-ACBA-866049389EF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2036EAF7-2541-4C35-B1C4-9E0957272FAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1693BEA9-3FCA-4B96-8CB2-E43BA56A9CCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90003391-8A4D-4A7E-8D1B-AC1700D4CEDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5725A7-6EA8-405E-B1AF-7C787DD6728B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "050982D6-BB38-44D0-B67E-73DE9E7567AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE4E07-253D-44FD-93A4-3750603B44AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge-100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07E7851F-3E72-4677-B907-CF777EBED2FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A4CEAC-97A4-4A0A-BEF1-B015FBE4E6FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco SD-WAN Software, podr\u00eda permitir a un atacante local autenticado sobrescribir archivos arbitrarios en el sistema de archivos subyacente de un sistema afectado.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los par\u00e1metros de la entrada proporcionados por el usuario de un comando CLI espec\u00edfico.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidadal al emitir ese comando con par\u00e1metros espec\u00edficos.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir el contenido de cualquier archivo arbitrario que resida en el sistema de archivos del host subyacente"
}
],
"id": "CVE-2021-1512",
"lastModified": "2024-11-21T05:44:31.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.817",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B89D5AE2-3ED3-4C57-AF93-E9750D38F029",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE3B3E4-CE46-454C-B7A1-2A42657C7035",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "834192CC-585D-445E-B2AD-D73E9CDF3FED",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "9D905B3F-094C-472C-AAAD-A4129282E942",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12136AD8-9113-46B9-B6A9-0C330ABB05B9",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "772B02D0-4C02-4C27-AAA4-AF0BAF00A047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "829BA8C4-8E99-4338-817B-9F9FF37105BE",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7DE9EC-0075-4655-A888-A4ED3DB002A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "200199EC-2819-4DE0-828C-0F56790CA1B4",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "9E03BDAC-9DF0-444D-B5C8-483892B31982",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E479E1A4-0F80-4FDC-8F9F-9E23A885179A",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "584863D2-B181-4CDF-8266-EEBA56A5AA85",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "BADF97B2-33D0-4A28-BDFC-CBD3A235EF5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4288CD57-CDEE-4B03-8163-7CDDE7767914",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C0D971-E2C4-4048-A08F-0A5D437866F8",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "1E998DFA-CE7F-4954-AB06-CBB15317C6A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12136AD8-9113-46B9-B6A9-0C330ABB05B9",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "772B02D0-4C02-4C27-AAA4-AF0BAF00A047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D58D17-951F-446E-8004-A489E3A9725E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en Cisco SD-WAN vEdge Software, podr\u00edan permitir a un atacante ejecutar c\u00f3digo arbitrario como usuario root o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1510",
"lastModified": "2024-11-21T05:44:30.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.753",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8782BEB0-5880-4DF8-A0E3-A8F45437E121",
"versionEndExcluding": "20.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D155FE-14C5-4658-A5D4-974DCE7FED4F",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE2C4782-DD4D-4113-A367-13DA609AD5F4",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "300CB6ED-1ECC-4007-A522-06C07B83ED55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF370668-127C-409B-83FE-293B830D4FB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86317BCD-C9A3-41A3-9BEB-EDAD5428B0DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D2D470-F97D-4B59-ACBA-866049389EF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2036EAF7-2541-4C35-B1C4-9E0957272FAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1693BEA9-3FCA-4B96-8CB2-E43BA56A9CCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90003391-8A4D-4A7E-8D1B-AC1700D4CEDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5725A7-6EA8-405E-B1AF-7C787DD6728B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "050982D6-BB38-44D0-B67E-73DE9E7567AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61DE4E07-253D-44FD-93A4-3750603B44AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge-100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07E7851F-3E72-4677-B907-CF777EBED2FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A4CEAC-97A4-4A0A-BEF1-B015FBE4E6FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso vDaemon de Cisco SD-WAN Software, podr\u00eda permitir a un atacante remoto no autenticado causar la recarga de un dispositivo, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;Esta vulnerabilidad es debido al manejo insuficiente de paquetes malformados.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo tr\u00e1fico dise\u00f1ado hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo se recargue, resultando en una condici\u00f3n de DoS"
}
],
"id": "CVE-2021-1513",
"lastModified": "2024-11-21T05:44:31.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.850",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | sd-wan_vbond_orchestrator | * | |
| cisco | sd-wan_vmanage | * | |
| cisco | sd-wan_vsmart_controller | * | |
| cisco | ios_xe_sd-wan | * | |
| cisco | sd-wan | * | |
| cisco | 1100-4g_integrated_services_router | - | |
| cisco | 1100-6g_integrated_services_router | - | |
| cisco | 1100_integrated_services_router | - | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3970BA7-2CD6-4DC1-BEBC-03662C88DA94",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3197B1-2306-4B0B-96A2-52BB369EE79C",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12016C30-65D9-4508-B138-0F612736CBF2",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "052AA171-9B26-4D76-ADA5-1984759AEFB6",
"versionEndExcluding": "16.10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A94AB84-87A9-47FB-B3CB-55282536B006",
"versionEndExcluding": "18.4.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco IOS XE SD-WAN independiente y del software Cisco SD-WAN podr\u00eda permitir a un atacante local autenticado eliminar archivos arbitrarios del sistema de archivos de un dispositivo afectado. Esta vulnerabilidad es debido a una insuficiente comprobaci\u00f3n de entradas. Un atacante podr\u00eda explotar esta vulnerabilidad al inyectar informaci\u00f3n de ruta de archivos arbitraria cuando son usados comandos en la CLI de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante eliminar archivos arbitrarios del sistema de archivos del dispositivo afectado"
}
],
"id": "CVE-2022-20850",
"lastModified": "2024-11-21T06:43:41.000",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-30T19:15:12.543",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD64DC2A-34EF-4DBC-A08B-39671B279310",
"versionEndExcluding": "19.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco SD-WAN Solution, podr\u00eda permitir a un atacante local autenticado inyectar comandos arbitrarios que son ejecutados con privilegios root. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad al autenticarse en el dispositivo y enviar datos dise\u00f1ados hacia la utilidad de CLI. El atacante debe estar autenticado para acceder a la utilidad de CLI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos con privilegios root."
}
],
"id": "CVE-2020-3266",
"lastModified": "2024-11-21T05:30:41.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-19T16:15:15.690",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 04:29
Severity ?
Summary
A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD64DC2A-34EF-4DBC-A08B-39671B279310",
"versionEndExcluding": "19.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la Interfaz de Usuario web del software Cisco SD-WAN vManage, podr\u00eda permitir a un atacante remoto autenticado llevar a cabo un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz de administraci\u00f3n basada en web del software vManage. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente suministrada por el usuario por la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic sobre un enlace dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo script arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en navegador."
}
],
"id": "CVE-2019-16010",
"lastModified": "2024-11-21T04:29:55.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-19T16:15:14.517",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B89D5AE2-3ED3-4C57-AF93-E9750D38F029",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE3B3E4-CE46-454C-B7A1-2A42657C7035",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "834192CC-585D-445E-B2AD-D73E9CDF3FED",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "9D905B3F-094C-472C-AAAD-A4129282E942",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12136AD8-9113-46B9-B6A9-0C330ABB05B9",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "772B02D0-4C02-4C27-AAA4-AF0BAF00A047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "829BA8C4-8E99-4338-817B-9F9FF37105BE",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7DE9EC-0075-4655-A888-A4ED3DB002A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "200199EC-2819-4DE0-828C-0F56790CA1B4",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "9E03BDAC-9DF0-444D-B5C8-483892B31982",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E479E1A4-0F80-4FDC-8F9F-9E23A885179A",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "584863D2-B181-4CDF-8266-EEBA56A5AA85",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "BADF97B2-33D0-4A28-BDFC-CBD3A235EF5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4288CD57-CDEE-4B03-8163-7CDDE7767914",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C0D971-E2C4-4048-A08F-0A5D437866F8",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "1E998DFA-CE7F-4954-AB06-CBB15317C6A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12136AD8-9113-46B9-B6A9-0C330ABB05B9",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "772B02D0-4C02-4C27-AAA4-AF0BAF00A047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D58D17-951F-446E-8004-A489E3A9725E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en Cisco SD-WAN vEdge Software, podr\u00edan permitir a un atacante ejecutar c\u00f3digo arbitrario como usuario root o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1511",
"lastModified": "2024-11-21T05:44:30.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.783",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_sd-wan_manager | 20.8 | |
| cisco | catalyst_sd-wan_manager | 20.9 | |
| cisco | sd-wan_vbond_orchestrator | * | |
| cisco | sd-wan_vbond_orchestrator | 20.8 | |
| cisco | sd-wan_vbond_orchestrator | 20.9 | |
| cisco | sd-wan_vmanage | * | |
| cisco | sd-wan_vsmart_controller | * | |
| cisco | sd-wan_vsmart_controller | 20.8 | |
| cisco | sd-wan_vsmart_controller | 20.9 | |
| cisco | sd-wan | * | |
| cisco | sd-wan | 20.8 | |
| cisco | sd-wan | 20.9 | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_100wm | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0493FE21-BB5A-41D3-9EBD-2C2BD165D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9:*:*:*:*:*:*:*",
"matchCriteriaId": "14E0AF41-0322-4F59-A2E2-DF709FC365E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D46A4FAD-C08D-434F-8F34-7256196AC215",
"versionEndExcluding": "20.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B62FF06E-8A11-41B5-B67C-9C008B5832F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:20.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB7C1FF-B18D-47CA-BC1A-34C0029DC2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1885D68A-547F-4C24-AE92-9F0D620E2018",
"versionEndExcluding": "20.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1032BCB0-0343-46C3-A094-A484551D6DD5",
"versionEndExcluding": "20.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D65F88EF-F2A8-4798-A88B-5B0584760E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E74B8658-FF4B-4DBA-AADA-73655B76339A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E43D23-7294-4CCC-8B7C-D9231115CA61",
"versionEndExcluding": "20.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan:20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEAD0DC-6407-4D23-A73D-0089C31CEB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan:20.9:*:*:*:*:*:*:*",
"matchCriteriaId": "25734138-B0A8-41C1-B7C4-6D1B011C4FBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco SD-WAN podr\u00eda permitir a un atacante local autenticado sobrescribir y posiblemente corromper archivos en un sistema afectado. Esta vulnerabilidad es debido a que la comprobaci\u00f3n de entradas es insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad al inyectar comandos arbitrarios que son ejecutados como la cuenta de usuario root. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir archivos arbitrarios del sistema, lo que podr\u00eda resultar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)"
}
],
"id": "CVE-2022-20930",
"lastModified": "2024-11-21T06:43:50.820",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-30T19:15:13.557",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-04 17:15
Modified
2024-11-21 05:44
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABABC6A-BE28-4107-A00F-E6D8841168F5",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE2C4782-DD4D-4113-A367-13DA609AD5F4",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8099190-F1EC-4AFC-9607-5F13E09B7C26",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3079495E-BB87-48EF-92F2-5C0DFBBDFB2D",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A234D95C-0AC1-4183-8457-550932E10B7E",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3634B4-6146-4DF5-B242-6606F6CCBA00",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E75BF8E-8BA5-4A53-9CE9-F10CC245FFC3",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B89D5AE2-3ED3-4C57-AF93-E9750D38F029",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6916F5F8-4E5B-4878-9C08-430F30EB61FD",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "834192CC-585D-445E-B2AD-D73E9CDF3FED",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0C212A-DDCE-4D44-8D2A-8A7DEC4C30E2",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B4CFA5-743E-4A04-9FED-CB9A5F587192",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA09C6C5-B770-4C42-8DE0-4482D7FC5512",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E609583F-9F2E-435A-88A3-77950F3825BD",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "584863D2-B181-4CDF-8266-EEBA56A5AA85",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39F5B972-D194-4333-BEF6-129BEBB61E9E",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C0D971-E2C4-4048-A08F-0A5D437866F8",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0C212A-DDCE-4D44-8D2A-8A7DEC4C30E2",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8696F30-DB2C-46D8-99BF-68A3D3AC0988",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del Software Cisco SD-WAN, podr\u00eda permitir a un atacante local autenticado alcanzar privilegios elevados en un sistema afectado. Esta vulnerabilidad se presenta porque el software afectado no restringe apropiadamente el acceso a los procesos con privilegios. Un atacante podr\u00eda explotar esta vulnerabilidad al invocar un proceso privilegiado en el sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante llevar a cabo acciones con los privilegios del usuario root"
}
],
"id": "CVE-2021-1528",
"lastModified": "2024-11-21T05:44:33.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-04T17:15:09.020",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-250"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 05:44
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A19C57E-75A5-47AA-94B7-A7ADC2CD7091",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D860DAF6-2876-4F54-ACBF-B217E709BD7F",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F397362-BB17-4F5E-AFA3-B604A96C7BAE",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15F9C222-75A1-44F8-A726-46CA77430D2F",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F05A7552-5CFC-47EE-BA6B-98D423761369",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC5C7C68-74C1-4D7F-848B-16C8566C0F42",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D99340DC-B83C-4F81-969F-C0A6E7CC4A54",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "918ACCD9-0F3F-4EF3-8C0A-AE30F69BC8E9",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A923BEA-61C4-4A2E-A7DD-BB389FF661CB",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF370668-127C-409B-83FE-293B830D4FB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7887226-3051-4914-8B0E-5DF4296AB68E",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "210F5970-F029-4E1F-97E4-0813F78CA88C",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99B58689-4FDF-4811-B1EE-584F777B696D",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F443A171-E27A-4173-BB09-77E0A1587CE6",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "047C57D1-C8B3-46F2-8B02-8467AF57D71A",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF65836-25C3-46C7-8989-9ABF3069D13F",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61682805-F527-473D-970A-B68053889AC8",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1ECE5A2-ED32-4453-A0FC-78A3D0D4F554",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A99ECD-E6FE-4BF8-BE6D-22005B5E387A",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E00BBD5-A34A-47EF-9BCA-7100D2282A72",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F42BACEF-31BE-4FEF-8BD3-8EC2D5A59194",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00A3ECC6-E30A-4611-9872-8C6133F4A0C6",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "449AC46F-BE53-4706-A448-83A848492637",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42659BBF-8707-4DAC-8A5D-0E9DC10DD68F",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9899709-00DD-4934-9A54-3FDB171C2E74",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A27667C1-0EF2-419D-A216-83FBC3F5A61E",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6954D048-EE8D-4923-9F10-18FD941AF72A",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95ED1F5D-5573-4886-A875-10DD93AE495B",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB95804D-0357-4F33-ABB2-AB04C34D3095",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE58206-30C8-4734-B5BB-1FD631351F49",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB1732D-73DA-4125-A2FE-A79435B550AC",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56637DFC-FD0A-4714-9988-2DE80B3FB7BE",
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "18.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00C2DEED-5833-4E13-BBB3-5E5FE837979D",
"versionEndExcluding": "20.5.2",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF84BFB-E819-4C59-B16D-B00508218CE3",
"versionEndExcluding": "20.6.1",
"versionStartIncluding": "20.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco SD-WAN Software podr\u00eda permitir a un atacante local autenticado acceder a informaci\u00f3n confidencial. Esta vulnerabilidad es debido a protecciones inapropiadas en el acceso a archivos mediante la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad al ejecutar un comando de la CLI que tenga como objetivo un archivo arbitrario en el sistema local. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante devolver porciones de un archivo arbitrario, posiblemente resultando en una divulgaci\u00f3n de informaci\u00f3n confidencial"
}
],
"id": "CVE-2021-1546",
"lastModified": "2024-11-21T05:44:35.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:11.183",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-24 15:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/106719 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106719 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | sd-wan | * | |
| cisco | vbond_orchestrator | - | |
| cisco | vmanage_network_management | - | |
| cisco | vsmart_controller | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8569BEE0-3BDA-4349-9FAC-6ACE0A4E3C28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93A1525E-AB99-4217-8C31-1F040710B155",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50272035-AE86-4BD5-88FA-929157267BC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE381F7-295F-4F05-84B0-3F07E099AD59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "698D777B-1AB1-4A54-98EC-8948BF287DA9",
"versionEndExcluding": "18.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA648664-0734-4D02-8944-CA4DF4D756D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vmanage_network_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF9528B-1D1E-4CF2-ABA8-D01CC6F4A8BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la configuraci\u00f3n del grupo de usuarios de la soluci\u00f3n Cisco SD-WAN podr\u00eda permitir a un atacante local autenticado obtener privilegios elevados en un dispositivo afectado. La vulnerabilidad se debe a un error a la hora de validar correctamente ciertos par\u00e1metros incluidos en la configuraci\u00f3n \"group\". Un atacante podr\u00eda explotar esta vulnerabilidad escribiendo un archivo manipulado en el directorio donde la configuraci\u00f3n \"user group\" est\u00e1 ubicada en el sistema operativo subyacente. Un exploit exitoso podr\u00eda permitir que el atacante obtenga privilegios de nivel root y obtenga el control total del dispositivo."
}
],
"id": "CVE-2019-1648",
"lastModified": "2024-11-21T04:37:00.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-24T15:29:00.767",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106719"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:38
Severity ?
Summary
A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/105295 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105295 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | vbond_orchestrator | - | |
| cisco | vedge_cloud_router_platform | - | |
| cisco | vmanage_network_management_system | - | |
| cisco | vsmart_controller | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA7EC35-E407-451C-A74C-7E56D802B868",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA91A271-08ED-40C9-885B-D2F67BBF2B7E",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35386A93-1EBF-4347-B916-E915D574AF15",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8AC6B8-A07F-4E52-B2D0-F5EC3061060B",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA648664-0734-4D02-8944-CA4DF4D756D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vedge_cloud_router_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8872C5F-974E-4678-80FA-7C3FEC6B533B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9794CD-0EE1-4203-A232-9365D4AEE837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de l\u00ednea de comandos (CLI) en Cisco SD-WAN Solution podr\u00eda permitir que un atacante local autenticado inyecte comandos arbitrarios que se ejecutan con privilegios root. Esta vulnerabilidad se debe a una validaci\u00f3n de entradas insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el dispositivo y enviando una entrada manipulada a la utilidad CLI. El atacante debe estar autenticado para acceder a la utilidad CLI. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante ejecute comandos con privilegios root."
}
],
"id": "CVE-2018-0433",
"lastModified": "2024-11-21T03:38:13.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-05T14:29:01.607",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105295"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "294BFF76-0352-4778-B6DA-3F8D5C69B5EE",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3366F4EC-9DCD-44F8-8430-1B3BA7A9B95F",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D155FE-14C5-4658-A5D4-974DCE7FED4F",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE2C4782-DD4D-4113-A367-13DA609AD5F4",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBCB1ED4-B8F6-454A-A50E-1E6C5799A38B",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52660B0F-9951-4720-9243-C04D19E1C900",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43CB0C13-B19C-4716-9079-E3187C6A8F60",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBDDA10-0C6A-4AE2-A79D-6ACE91BCE422",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3079495E-BB87-48EF-92F2-5C0DFBBDFB2D",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA56832C-0BA7-49F8-B03D-F7A8DDBA2D76",
"versionEndExcluding": "18.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F385B4-A7C9-4964-9A2F-9B246C2A4219",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35D792D2-7C42-4E49-A024-7D8F10A5CD03",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89290824-9E80-4DA6-B943-500A9DC80EF4",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57361E3C-D8AD-4971-8015-96B8910B847D",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B61FD2-6C23-4A1A-AED4-CAD54D0715C4",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF370668-127C-409B-83FE-293B830D4FB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03063D-9DB6-4D3A-8FFF-C530635371CC",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43E988F6-8D4D-4E75-9C43-31E92AA3F85A",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C67D65F-5DBD-4DCE-84CF-F1F2FBA4A250",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B89D5AE2-3ED3-4C57-AF93-E9750D38F029",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF226AE-FF8F-4203-8DAC-438E82AEC85A",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD6B70F-1356-4AB4-A8DB-6BB3BAD854A6",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "669F7796-2CBF-42BF-91C4-F861DF09D4B7",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "834192CC-585D-445E-B2AD-D73E9CDF3FED",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5A7F2E-0B61-4C4C-AE1F-BAFB735DA905",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1158B505-4DAC-42BB-A9E5-533BCA7545F4",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427DC9A5-3374-440C-A797-DC7BBCCCB13D",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12136AD8-9113-46B9-B6A9-0C330ABB05B9",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E77822B-DEF3-44C3-9AFE-A406ECD26EE5",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4C603C-9858-4048-AA20-7C7F7BB84DBD",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A51AE026-39C0-400B-8E78-21ACBF6D560F",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "829BA8C4-8E99-4338-817B-9F9FF37105BE",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "646D2962-5FB3-45E1-B743-CFDF6219742B",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55B533F-0942-4848-A823-8D17BD9C70AC",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04BBF912-56A4-4B0D-AEDE-3B4A66E46DC6",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "200199EC-2819-4DE0-828C-0F56790CA1B4",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66F09F72-2D64-4952-8ED1-5B1D8817B065",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28170198-23CE-48F9-8502-3C0F51EDCB33",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48758B17-6BB7-45BB-AB83-36AF55238250",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E479E1A4-0F80-4FDC-8F9F-9E23A885179A",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "584863D2-B181-4CDF-8266-EEBA56A5AA85",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5488D32F-808B-4327-8C57-13F270C02C1B",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B559B94-0730-4F3D-90AB-E71D2E684C19",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2090A040-270A-4BD1-8430-603C709F64E8",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4288CD57-CDEE-4B03-8163-7CDDE7767914",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C0D971-E2C4-4048-A08F-0A5D437866F8",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1B097C-09B1-4DC6-B0F9-92E01C415DF3",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA95C6C-72C5-4DDF-B036-5AB2900C9C71",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8123987-EAD3-47D2-AD9F-167A1D52AEF7",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25953689-6E4F-477A-A251-54C1D8ED8880",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3414238A-002E-48F7-82DE-FE4122B1A10A",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge-100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07E7851F-3E72-4677-B907-CF777EBED2FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83F5CAE4-CB80-441B-928D-86C13570AA1B",
"versionEndExcluding": "18.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC788143-279B-4325-988A-5FBAA4B438CC",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBE16B1-8E2A-4DF8-B362-86874FAC1F0C",
"versionEndExcluding": "20.3.1",
"versionStartIncluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco SD-WAN Software, podr\u00eda permitir a un atacante local autenticado inyectar comandos arbitrarios para que sean ejecutados con privilegios de administrador en el Sistema Operativo subyacente.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada en determinados comandos de la CLI.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad si se autentica en el dispositivo y env\u00eda una entrada dise\u00f1ada a la CLI.\u0026#xa0;El atacante debe estar autenticado como un usuario poco privilegiado para ejecutar los comandos afectados.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos con privilegios de administrador"
}
],
"id": "CVE-2021-1514",
"lastModified": "2024-11-21T05:44:31.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.887",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | sd-wan_firmware | * | |
| cisco | sd-wan_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_100wm | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - | |
| cisco | vedge_cloud_router | - | |
| cisco | vsmart_controller | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63CA5CB9-FD3B-46F0-AA1E-4F538C043863",
"versionEndExcluding": "17.2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C47A3040-34A7-4D25-B733-22E90D516D3F",
"versionEndExcluding": "18.3.0",
"versionStartIncluding": "17.2.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3414A3DC-8CF2-41B5-BD73-127712934DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco SD-WAN Solution Software podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de los campos en los mensajes de interconexi\u00f3n SD-WAN de Cisco que est\u00e1n encapsulados en paquetes UDP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de mensajes UDP dise\u00f1ados hacia el sistema objetivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar un fallo en los servicios del dispositivo, resultando en una condici\u00f3n DoS que podr\u00eda afectar el dispositivo objetivo y otros dispositivos que dependen de \u00e9l"
}
],
"id": "CVE-2020-3351",
"lastModified": "2024-11-21T05:30:51.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-16T18:15:17.907",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3EF017-77E2-4D00-9209-6FC239FFDEF1",
"versionEndIncluding": "19.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir a un atacante remoto autenticado llevar a cabo ataques de salto de ruta y obtener acceso de lectura a archivos confidenciales sobre un sistema afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de las peticiones HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada que contenga secuencias de caracteres de salto de directorio hacia el sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante visualizar archivos arbitrarios en el sistema afectado"
}
],
"id": "CVE-2020-3401",
"lastModified": "2024-11-21T05:30:57.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-16T18:15:19.300",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:38
Severity ?
Summary
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/105294 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105294 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | vmanage_network_management_system | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA7EC35-E407-451C-A74C-7E56D802B868",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA91A271-08ED-40C9-885B-D2F67BBF2B7E",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35386A93-1EBF-4347-B916-E915D574AF15",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8AC6B8-A07F-4E52-B2D0-F5EC3061060B",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9794CD-0EE1-4203-A232-9365D4AEE837",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la caracter\u00edstica Zero Touch Provisioning de Cisco SD-WAN Solution podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso no autorizado a datos sensibles utilizando un certificado no v\u00e1lido. Esta vulnerabilidad tambi\u00e9n se debe a la validaci\u00f3n insuficiente de certificados por parte del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un certificado manipulado a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir a un atacante realizar ataques Man-in-the-Middle (MitM) para descifrar informaci\u00f3n confidencial en las conexiones del usuario al software afectado."
}
],
"id": "CVE-2018-0434",
"lastModified": "2024-11-21T03:38:13.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-05T14:29:01.700",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105294"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFBD73B-485E-4E85-9BD2-458BF0118A77",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "668E1C16-F991-4BB9-AF14-35625368AE8D",
"versionEndExcluding": "19.2.2",
"versionStartIncluding": "19.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3414A3DC-8CF2-41B5-BD73-127712934DE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9794CD-0EE1-4203-A232-9365D4AEE837",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el software Cisco SD-WAN Solution, podr\u00eda permitir a un atacante local autenticado elevar los privilegios a root sobre el sistema operativo subyacente. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n dise\u00f1ada hacia un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante alcanzar privilegios de nivel root."
}
],
"id": "CVE-2020-3265",
"lastModified": "2024-11-21T05:30:41.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-19T16:15:15.613",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFBD73B-485E-4E85-9BD2-458BF0118A77",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "668E1C16-F991-4BB9-AF14-35625368AE8D",
"versionEndExcluding": "19.2.2",
"versionStartIncluding": "19.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4397A977-28D9-4191-A87C-E2A328C9B82E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3414A3DC-8CF2-41B5-BD73-127712934DE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9794CD-0EE1-4203-A232-9365D4AEE837",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el software Cisco SD-WAN Solution, podr\u00eda permitir a un atacante local autenticado causar un desbordamiento del b\u00fafer sobre un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante conseguir acceso a informaci\u00f3n a la que no est\u00e1 autorizado y acceder a cambios en el sistema que no est\u00e1 autorizado a realizar."
}
],
"id": "CVE-2020-3264",
"lastModified": "2024-11-21T05:30:41.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-19T16:15:15.487",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 04:29
Severity ?
Summary
A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD64DC2A-34EF-4DBC-A08B-39671B279310",
"versionEndExcluding": "19.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la Interfaz de Usuario web del software Cisco SD-WAN Solution vManage, podr\u00eda permitir a un atacante remoto autenticado conducir ataques de inyecci\u00f3n SQL en un sistema afectado. La vulnerabilidad se presenta porque la Interfaz de Usuario web comprueba inapropiadamente los valores de SQL. Un atacante podr\u00eda explotar esta vulnerabilidad al autenticarse en la aplicaci\u00f3n y al enviar consultas SQL maliciosas hacia un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante modificar valores o devolver valores desde la base de datos subyacente, as\u00ed como desde el sistema operativo."
}
],
"id": "CVE-2019-16012",
"lastModified": "2024-11-21T04:29:55.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-19T16:15:14.627",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B89D5AE2-3ED3-4C57-AF93-E9750D38F029",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE3B3E4-CE46-454C-B7A1-2A42657C7035",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "834192CC-585D-445E-B2AD-D73E9CDF3FED",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "9D905B3F-094C-472C-AAAD-A4129282E942",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12136AD8-9113-46B9-B6A9-0C330ABB05B9",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "772B02D0-4C02-4C27-AAA4-AF0BAF00A047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "829BA8C4-8E99-4338-817B-9F9FF37105BE",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7DE9EC-0075-4655-A888-A4ED3DB002A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "200199EC-2819-4DE0-828C-0F56790CA1B4",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "9E03BDAC-9DF0-444D-B5C8-483892B31982",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E479E1A4-0F80-4FDC-8F9F-9E23A885179A",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "584863D2-B181-4CDF-8266-EEBA56A5AA85",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "BADF97B2-33D0-4A28-BDFC-CBD3A235EF5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4288CD57-CDEE-4B03-8163-7CDDE7767914",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50C0D971-E2C4-4048-A08F-0A5D437866F8",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "1E998DFA-CE7F-4954-AB06-CBB15317C6A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12136AD8-9113-46B9-B6A9-0C330ABB05B9",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "772B02D0-4C02-4C27-AAA4-AF0BAF00A047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A",
"versionEndExcluding": "20.4.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7",
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D58D17-951F-446E-8004-A489E3A9725E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en Cisco SD-WAN vEdge Software, podr\u00edan permitir a un atacante ejecutar c\u00f3digo arbitrario como usuario root o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1509",
"lastModified": "2024-11-21T05:44:30.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.723",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | sd-wan_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_100wm | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - | |
| cisco | vbond_orchestrator | - | |
| cisco | vsmart_controller | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "484C01EF-C2DE-43DB-8C3F-C2C013A182FE",
"versionEndExcluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA648664-0734-4D02-8944-CA4DF4D756D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco SD-WAN Solution Software podr\u00eda permitir a un atacante local autenticado elevar los privilegios a Administrator en el sistema operativo subyacente. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n dise\u00f1ada hacia un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante conseguir privilegios administrativos"
}
],
"id": "CVE-2020-3379",
"lastModified": "2024-11-21T05:30:54.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-16T18:15:18.690",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D4C4CE-E286-45C7-AFA7-B876D15C6FCD",
"versionEndExcluding": "19.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D243D326-0D82-4B1E-A306-B8FDBA940F63",
"versionEndExcluding": "20.1.12",
"versionStartIncluding": "20.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir a un atacante remoto autenticado consumir memoria excesiva del sistema y causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un sistema afectado. La vulnerabilidad es debido a una gesti\u00f3n de memoria ineficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una gran cantidad de peticiones HTTP dise\u00f1adas a la interfaz de administraci\u00f3n basada en web afectada. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar la memoria del sistema, lo que podr\u00eda causar que el sistema deje de procesar nuevas conexiones y podr\u00eda resultar en una condici\u00f3n DoS"
}
],
"id": "CVE-2020-3372",
"lastModified": "2024-11-21T05:30:54.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-16T18:15:18.487",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-24 15:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/106716 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106716 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | sd-wan | * | |
| cisco | vbond_orchestrator | - | |
| cisco | vmanage_network_management | - | |
| cisco | vsmart_controller | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8569BEE0-3BDA-4349-9FAC-6ACE0A4E3C28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93A1525E-AB99-4217-8C31-1F040710B155",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50272035-AE86-4BD5-88FA-929157267BC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE381F7-295F-4F05-84B0-3F07E099AD59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "698D777B-1AB1-4A54-98EC-8948BF287DA9",
"versionEndExcluding": "18.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA648664-0734-4D02-8944-CA4DF4D756D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vmanage_network_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF9528B-1D1E-4CF2-ABA8-D01CC6F4A8BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la soluci\u00f3n Cisco SD-WAN podr\u00eda permitir a un atacante remoto autenticado sobrescribir archivos arbitrarios en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta del comando save en la interfaz de l\u00ednea de comandos (CLI) del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad modificando el comando save en la CLI de un dispositivo afectado. Si se explota esta vulnerabilidad con \u00e9xito, el atacante podr\u00eda sobrescribir archivos arbitrarios en el sistema operativo subyacente de un dispositivo afectado y escalar sus privilegios a usuario root."
}
],
"id": "CVE-2019-1650",
"lastModified": "2024-11-21T04:37:00.823",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-24T15:29:00.830",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106716"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F82F7DA1-8396-4BCF-9FA2-F88B2B6B35CB",
"versionEndExcluding": "18.3.6",
"versionStartIncluding": "18.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC62B7F1-C94F-4943-AF83-2DB6D7B1C710",
"versionEndExcluding": "18.4.5",
"versionStartIncluding": "18.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C11C806-7F69-49D3-A3F5-D6B2AA809D22",
"versionEndExcluding": "19.2.2",
"versionStartIncluding": "19.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco SD-WAN Solution Software podr\u00eda permitir a un atacante local no autenticado acceder a un dispositivo afectado mediante el uso de una cuenta que tenga una contrase\u00f1a est\u00e1tica predeterminada. Esta cuenta presenta privilegios root. La vulnerabilidad se presenta porque el software afectado presenta una cuenta de usuario con una contrase\u00f1a est\u00e1tica predeterminada. Un atacante podr\u00eda explotar esta vulnerabilidad al conectarse remotamente a un sistema afectado mediante el uso de esta cuenta. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante iniciar sesi\u00f3n mediante el uso de esta cuenta con privilegios root"
}
],
"id": "CVE-2020-3180",
"lastModified": "2024-11-21T05:30:29.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-16T18:15:16.940",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-24 15:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/106723 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106723 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | sd-wan | * | |
| cisco | vbond_orchestrator | - | |
| cisco | vmanage_network_management | - | |
| cisco | vsmart_controller | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8569BEE0-3BDA-4349-9FAC-6ACE0A4E3C28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93A1525E-AB99-4217-8C31-1F040710B155",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50272035-AE86-4BD5-88FA-929157267BC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE381F7-295F-4F05-84B0-3F07E099AD59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "698D777B-1AB1-4A54-98EC-8948BF287DA9",
"versionEndExcluding": "18.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA648664-0734-4D02-8944-CA4DF4D756D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vmanage_network_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF9528B-1D1E-4CF2-ABA8-D01CC6F4A8BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de l\u00ednea de comandos (CLI) local de la soluci\u00f3n Cisco SD-WAN podr\u00eda permitir a un atacante local autenticado escalar privilegios y modificar los archivos de configuraci\u00f3n de dispositivo. La vulnerabilidad existe porque las entradas del usuario no se sanean de manera correcta para determinados comandos en la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad enviando comandos manipulados a la CLI de un dispositivo afectado. Un exploit con \u00e9xito podr\u00eda permitir que el atacante establezca una sesi\u00f3n interactiva con privilegios escalados. Posteriormente, el atacante podr\u00eda utilizar dichos privilegios elevados para comprometer el dispositivo u obtener datos de configuraci\u00f3n adicionales."
}
],
"id": "CVE-2019-1646",
"lastModified": "2024-11-21T04:37:00.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-24T15:29:00.643",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106723"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}