var-202109-0385
Vulnerability from variot
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information. SD-WAN The software contains an information disclosure vulnerability through an error message.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202109-0385", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "vedge 100wm", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "sd-wan vbond orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vedge 100m", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vedge 1000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vedge 2000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "vedge 100m", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge 1000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vedge 2000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "sd-wan vbond orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vedge 1000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "sd-wan vbond orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge 1000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 100m", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 100", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "vedge 2000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vedge 100", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "vedge cloud", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "sd-wan vbond orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge cloud", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "vedge 2000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vsmart controller", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "vedge 100b", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "vsmart controller", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "vedge 2000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge cloud", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vedge 100b", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "vedge 100", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vedge cloud", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vsmart controller", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vedge 100wm", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "vedge 5000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "vedge 100wm", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "vedge 5000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vedge 5000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "vedge cloud", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge 100", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vedge 100b", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vsmart controller", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge 2000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 5000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vsmart controller", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vedge cloud", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 100", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge 100b", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge 100b", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "catalyst sd-wan manager", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "sd-wan vmanage", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "vsmart controller", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 100", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 100wm", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vedge 5000", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 5000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "catalyst sd-wan manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "sd-wan vbond orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "sd-wan vbond orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "vedge 100b", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 100m", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge 100wm", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "catalyst sd-wan manager", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "18.4" }, { "model": "vedge 1000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "vedge 100m", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "vedge 100wm", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.2" }, { "model": "vedge 1000", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "catalyst sd-wan manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2" }, { "model": "vedge 100m", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "vsmart controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "vedge 1000", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco sd-wan vbond orchestrator", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "vedge 100", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "vedge 100b", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "vedge 100wm", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco sd-wan vmanage", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "vedge 2000", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "vedge 5000", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "vedge cloud", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "vedge 100m", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "db": "NVD", "id": "CVE-2021-1546" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2", "versionStartIncluding": "18.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.2", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.1", "versionStartIncluding": "20.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-1546" } ] }, "cve": "CVE-2021-1546", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 2.1, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2021-1546", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-374600", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-1546", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-1546", "trust": 1.8, "value": "MEDIUM" }, { "author": "ykramarz@cisco.com", "id": "CVE-2021-1546", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202109-1579", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-374600", "trust": 0.1, "value": "LOW" }, { "author": "VULMON", "id": "CVE-2021-1546", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-374600" }, { "db": "VULMON", "id": "CVE-2021-1546" }, { "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "db": "NVD", "id": "CVE-2021-1546" }, { "db": "NVD", "id": "CVE-2021-1546" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202109-1579" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information. SD-WAN The software contains an information disclosure vulnerability through an error message.Information may be obtained. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", "sources": [ { "db": "NVD", "id": "CVE-2021-1546" }, { "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "VULHUB", "id": "VHN-374600" }, { "db": "VULMON", "id": "CVE-2021-1546" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-1546", "trust": 3.4 }, { "db": "JVNDB", "id": "JVNDB-2021-012516", "trust": 0.8 }, { "db": "CS-HELP", "id": "SB2021041363", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.3475", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.3182", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021092419", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202109-1579", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-374600", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2021-1546", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-374600" }, { "db": "VULMON", "id": "CVE-2021-1546" }, { "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "db": "NVD", "id": "CVE-2021-1546" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202109-1579" } ] }, "id": "VAR-202109-0385", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-374600" } ], "trust": 0.87702705 }, "last_update_date": "2023-12-18T11:48:08.553000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-sd-wan-Fhqh8pKX", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sd-wan-fhqh8pkx" }, { "title": "Cisco Sd-Wan Software Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=163447" }, { "title": "Cisco: Cisco SD-WAN Software Information Disclosure Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sd-wan-fhqh8pkx" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-1546" }, { "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "db": "CNNVD", "id": "CNNVD-202109-1579" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-209", "trust": 1.1 }, { "problemtype": "Information leakage due to error message (CWE-209) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-374600" }, { "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "db": "NVD", "id": "CVE-2021-1546" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sd-wan-fhqh8pkx" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1546" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021092419" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.3475" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.3182" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/cisco-sd-wan-software-file-reading-via-cli-command-36529" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/209.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULHUB", "id": "VHN-374600" }, { "db": "VULMON", "id": "CVE-2021-1546" }, { "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "db": "NVD", "id": "CVE-2021-1546" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202109-1579" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-374600" }, { "db": "VULMON", "id": "CVE-2021-1546" }, { "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "db": "NVD", "id": "CVE-2021-1546" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202109-1579" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-09-23T00:00:00", "db": "VULHUB", "id": "VHN-374600" }, { "date": "2021-09-23T00:00:00", "db": "VULMON", "id": "CVE-2021-1546" }, { "date": "2022-09-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "date": "2021-09-23T03:15:11.183000", "db": "NVD", "id": "CVE-2021-1546" }, { "date": "2021-04-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-09-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202109-1579" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-09-30T00:00:00", "db": "VULHUB", "id": "VHN-374600" }, { "date": "2021-09-30T00:00:00", "db": "VULMON", "id": "CVE-2021-1546" }, { "date": "2022-09-01T05:30:00", "db": "JVNDB", "id": "JVNDB-2021-012516" }, { "date": "2023-11-07T03:28:35.463000", "db": "NVD", "id": "CVE-2021-1546" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2023-06-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202109-1579" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202109-1579" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SD-WAN\u00a0 Software error message information disclosure vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-012516" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202109-1579" } ], "trust": 1.2 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.