VAR-202106-0902
Vulnerability from variot - Updated: 2023-12-18 10:46A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user. Cisco SD-WAN The software contains a vulnerability in execution with unnecessary privileges.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Cisco SD-WAN Solution is a set of network expansion solutions of Cisco (Cisco)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-0902",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vedge 100wm",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "vedge 2000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vsmart controller",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "catalyst sd-wan manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 5000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 1000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "vedge 100m",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "vedge 100",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "vedge 1000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "catalyst sd-wan manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100m",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 100wm",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 100wm",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 100m",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vsmart controller",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 2000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 5000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 1000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 2000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "catalyst sd-wan manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "vsmart controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "vedge 100",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 100m",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "vedge 1000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 2000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vsmart controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100wm",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "catalyst sd-wan manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2"
},
{
"model": "vsmart controller",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 2000",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 5000",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 1000",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 100wm",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 100m",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sd-wan vmanage",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sd-wan vbond orchestrator",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 100b",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 100",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"db": "NVD",
"id": "CVE-2021-1528"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:vsmart_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:vsmart_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.2",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.5.1",
"versionStartIncluding": "20.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-1528"
}
]
},
"cve": "CVE-2021-1528",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2021-1528",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-374582",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-1528",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-1528",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2021-1528",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202106-122",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-374582",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374582"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"db": "NVD",
"id": "CVE-2021-1528"
},
{
"db": "NVD",
"id": "CVE-2021-1528"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-122"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user. Cisco SD-WAN The software contains a vulnerability in execution with unnecessary privileges.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Cisco SD-WAN Solution is a set of network expansion solutions of Cisco (Cisco)",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-1528"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-374582"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-1528",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007750",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021060305",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1905",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202106-122",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-374582",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374582"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"db": "NVD",
"id": "CVE-2021-1528"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-122"
}
]
},
"id": "VAR-202106-0902",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-374582"
}
],
"trust": 0.87702705
},
"last_update_date": "2023-12-18T10:46:24.839000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sd-wan-fuErCWwF",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sd-wan-fuercwwf"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-250",
"trust": 1.1
},
{
"problemtype": "Execution with unnecessary privileges (CWE-250) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374582"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"db": "NVD",
"id": "CVE-2021-1528"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sd-wan-fuercwwf"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-1528"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1905"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021060305"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/cisco-sd-wan-software-privilege-escalation-via-privileged-processes-35594"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374582"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"db": "NVD",
"id": "CVE-2021-1528"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-122"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-374582"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"db": "NVD",
"id": "CVE-2021-1528"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-122"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-04T00:00:00",
"db": "VULHUB",
"id": "VHN-374582"
},
{
"date": "2022-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"date": "2021-06-04T17:15:09.020000",
"db": "NVD",
"id": "CVE-2021-1528"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-06-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-122"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-374582"
},
{
"date": "2022-02-22T07:06:00",
"db": "JVNDB",
"id": "JVNDB-2021-007750"
},
{
"date": "2023-11-07T03:28:32.447000",
"db": "NVD",
"id": "CVE-2021-1528"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-06-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-122"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-122"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco\u00a0SD-WAN\u00a0 Unnecessary privileged execution vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007750"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-122"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…