Vulnerabilites related to cisco - ios_xe_sd-wan
CVE-2021-1241 (GCVE-0-2021-1241)
Vulnerability from cvelistv5
Published
2021-01-20 20:10
Modified
2024-11-12 20:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:04:52.924039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:20:20.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T20:10:48",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Denial of Service Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1241",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Denial of Service Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1241",
"datePublished": "2021-01-20T20:10:49.084947Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:20:20.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1300 (GCVE-0-2021-1300)
Vulnerability from cvelistv5
Published
2021-01-20 19:55
Modified
2024-11-12 20:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1300",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T19:57:03.730870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:27:23.780Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T19:55:45",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
}
],
"source": {
"advisory": "cisco-sa-sdwan-bufovulns-B5NrSHbj",
"defect": [
[
"CSCvi69895",
"CSCvt11525"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Buffer Overflow Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1300",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Buffer Overflow Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco SD-WAN Buffer Overflow Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-bufovulns-B5NrSHbj",
"defect": [
[
"CSCvi69895",
"CSCvt11525"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1300",
"datePublished": "2021-01-20T19:55:45.731205Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:27:23.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1383 (GCVE-0-2021-1383)
Vulnerability from cvelistv5
Published
2021-03-24 20:07
Modified
2024-11-08 17:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU | vendor-advisory, x_refsource_CISCO | |
| https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:16.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1383",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:53:18.298543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T17:53:28.997Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-22T16:14:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
}
],
"source": {
"advisory": "cisco-sa-xesdwpinj-V4weeqzU",
"defect": [
[
"CSCvk59304",
"CSCvw64834"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1383",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.0",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
},
{
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r",
"refsource": "MISC",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
}
]
},
"source": {
"advisory": "cisco-sa-xesdwpinj-V4weeqzU",
"defect": [
[
"CSCvk59304",
"CSCvw64834"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1383",
"datePublished": "2021-03-24T20:07:41.020351Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T17:53:28.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20455 (GCVE-0-2024-20455)
Vulnerability from cvelistv5
Published
2024-09-25 16:18
Modified
2024-09-25 19:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-371 - State Issues
Summary
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco IOS XE Software |
Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.2 Version: 17.12.2a Version: 17.13.1 Version: 17.13.1a Version: 17.11.99SW |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xe",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "17.1.1a"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.3"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1r"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.2.1v"
},
{
"status": "affected",
"version": "17.2.2"
},
{
"status": "affected",
"version": "17.2.3"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.1a"
},
{
"status": "affected",
"version": "17.3.1w"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.1x"
},
{
"status": "affected",
"version": "17.3.1z"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.4a"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.3.4b"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.3.8"
},
{
"status": "affected",
"version": "17.3.8a"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.4.1a"
},
{
"status": "affected",
"version": "17.4.1b"
},
{
"status": "affected",
"version": "17.4.2a"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.1w"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "17.6.1x"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.1y"
},
{
"status": "affected",
"version": "17.6.1z"
},
{
"status": "affected",
"version": "17.6.3a"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.1z1"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.6.6a"
},
{
"status": "affected",
"version": "17.6.5a"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "17.7.1b"
},
{
"status": "affected",
"version": "17.7.2"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.10.1b"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.1w"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.9.1x"
},
{
"status": "affected",
"version": "17.9.1y"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.9.1x1"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.1y1"
},
{
"status": "affected",
"version": "17.9.5"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.9.5a"
},
{
"status": "affected",
"version": "17.9.5b"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.12.1"
},
{
"status": "affected",
"version": "17.12.1w"
},
{
"status": "affected",
"version": "17.12.1a"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.12.2a"
},
{
"status": "affected",
"version": "17.13.1"
},
{
"status": "affected",
"version": "17.13.1a"
},
{
"status": "affected",
"version": "17.11.99sw"
}
]
},
{
"cpes": [
"cpe:2.3:o:cisco:ios_xe_catalyst_sd-wan:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xe_catalyst_sd-wan",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.12.1a"
},
{
"status": "affected",
"version": "17.13.1a"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20455",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T19:29:31.898015Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T19:47:05.368Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "17.1.1a"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.3"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1r"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.2.1v"
},
{
"status": "affected",
"version": "17.2.2"
},
{
"status": "affected",
"version": "17.2.3"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.1a"
},
{
"status": "affected",
"version": "17.3.1w"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.1x"
},
{
"status": "affected",
"version": "17.3.1z"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.4a"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.3.4b"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.3.8"
},
{
"status": "affected",
"version": "17.3.8a"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.4.1a"
},
{
"status": "affected",
"version": "17.4.1b"
},
{
"status": "affected",
"version": "17.4.2a"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.1w"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "17.6.1x"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.1y"
},
{
"status": "affected",
"version": "17.6.1z"
},
{
"status": "affected",
"version": "17.6.3a"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.1z1"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.6.6a"
},
{
"status": "affected",
"version": "17.6.5a"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "17.7.1b"
},
{
"status": "affected",
"version": "17.7.2"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.10.1b"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.1w"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.9.1x"
},
{
"status": "affected",
"version": "17.9.1y"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.9.1x1"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.1y1"
},
{
"status": "affected",
"version": "17.9.5"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.9.5a"
},
{
"status": "affected",
"version": "17.9.5b"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.12.1"
},
{
"status": "affected",
"version": "17.12.1w"
},
{
"status": "affected",
"version": "17.12.1a"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.12.2a"
},
{
"status": "affected",
"version": "17.13.1"
},
{
"status": "affected",
"version": "17.13.1a"
},
{
"status": "affected",
"version": "17.11.99SW"
}
]
},
{
"product": "Cisco IOS XE Catalyst SD-WAN",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.12.1a"
},
{
"status": "affected",
"version": "17.13.1a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\n\r Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-371",
"description": "State Issues",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T16:27:24.944Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sdwan-utd-dos-hDATqxs",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs"
}
],
"source": {
"advisory": "cisco-sa-sdwan-utd-dos-hDATqxs",
"defects": [
"CSCwi07137"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20455",
"datePublished": "2024-09-25T16:18:50.066Z",
"dateReserved": "2023-11-08T15:08:07.679Z",
"dateUpdated": "2024-09-25T19:47:05.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1273 (GCVE-0-2021-1273)
Vulnerability from cvelistv5
Published
2021-01-20 19:56
Modified
2024-11-12 20:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1273",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:05:33.751010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:24:09.004Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T19:56:57",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Denial of Service Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1273",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Denial of Service Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1273",
"datePublished": "2021-01-20T19:56:57.444443Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:24:09.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1305 (GCVE-0-2021-1305)
Vulnerability from cvelistv5
Published
2021-01-20 20:01
Modified
2024-11-12 20:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vManage |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1305",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:26:04.722556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:20:50.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vManage",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T20:01:06",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS"
}
],
"source": {
"advisory": "cisco-sa-sdwan-abyp-TnGFHrS",
"defect": [
[
"CSCvi59734",
"CSCvs11283",
"CSCvu28377"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN vManage Authorization Bypass Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1305",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN vManage Authorization Bypass Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-abyp-TnGFHrS",
"defect": [
[
"CSCvi59734",
"CSCvs11283",
"CSCvu28377"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1305",
"datePublished": "2021-01-20T20:01:06.865098Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:20:50.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34729 (GCVE-0-2021-34729)
Vulnerability from cvelistv5
Published
2021-09-23 02:26
Modified
2024-11-07 21:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE SD-WAN Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:01.874543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:58:26.237Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE SD-WAN Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:26:36",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
}
],
"source": {
"advisory": "cisco-sa-ioxesdwan-clicmdinj-7bYX5k3",
"defect": [
[
"CSCvw54120"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-34729",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE SD-WAN Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
}
]
},
"source": {
"advisory": "cisco-sa-ioxesdwan-clicmdinj-7bYX5k3",
"defect": [
[
"CSCvw54120"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34729",
"datePublished": "2021-09-23T02:26:36.609998Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:58:26.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20373 (GCVE-0-2024-20373)
Vulnerability from cvelistv5
Published
2024-11-15 14:52
Modified
2024-11-15 16:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.
This vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials.
SNMP with IPv6 ACL configurations is not affected.
For more information, see the section of this advisory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Catalyst SD-WAN |
Version: 16.10.6 Version: 16.12.3 Version: 16.12.1 Version: 16.10.4 Version: 16.10.5 Version: 16.12.4 Version: 16.10.3 Version: 16.10.3a Version: 16.10.3b Version: 16.11.1s Version: 16.11.1a Version: 16.10.1 Version: 16.11.1f Version: 16.9.4 Version: 16.9.3 Version: 16.10.2 Version: 16.11.1b Version: 16.11.1 Version: 16.12.5 Version: 16.11.1d |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3a:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3b:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.5:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.6:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1a:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1b:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1d:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1f:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1s:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.5:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.9.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xe_catalyst_sd-wan",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "16.10.2"
},
{
"status": "affected",
"version": "16.10.3"
},
{
"status": "affected",
"version": "16.10.3a"
},
{
"status": "affected",
"version": "16.10.3b"
},
{
"status": "affected",
"version": "16.10.4"
},
{
"status": "affected",
"version": "16.10.5"
},
{
"status": "affected",
"version": "16.10.6"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.11.1d"
},
{
"status": "affected",
"version": "16.11.1f"
},
{
"status": "affected",
"version": "16.11.1s"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "16.9.3"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20373",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:20:19.710967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:20:59.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XE Catalyst SD-WAN",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.10.6"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.10.4"
},
{
"status": "affected",
"version": "16.10.5"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.10.3"
},
{
"status": "affected",
"version": "16.10.3a"
},
{
"status": "affected",
"version": "16.10.3b"
},
{
"status": "affected",
"version": "16.11.1s"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "16.11.1f"
},
{
"status": "affected",
"version": "16.9.4"
},
{
"status": "affected",
"version": "16.9.3"
},
{
"status": "affected",
"version": "16.10.2"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "16.11.1d"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.\u0026nbsp;\r\n\r\nThis vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials.\r\nSNMP with IPv6 ACL configurations is not affected.\r\nFor more information, see the section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T14:52:34.137Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-snmp-uwBXfqww",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uwBXfqww"
}
],
"source": {
"advisory": "cisco-sa-snmp-uwBXfqww",
"defects": [
"CSCwe24431"
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20373",
"datePublished": "2024-11-15T14:52:34.137Z",
"dateReserved": "2023-11-08T15:08:07.654Z",
"dateUpdated": "2024-11-15T16:20:59.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34725 (GCVE-0-2021-34725)
Vulnerability from cvelistv5
Published
2021-09-23 02:26
Modified
2024-11-07 21:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE SD-WAN Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:04.850695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:58:45.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE SD-WAN Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:26:19",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
}
],
"source": {
"advisory": "cisco-sa-sdwan-maapi-privesc-KSUg7QSS",
"defect": [
[
"CSCvu26766"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-34725",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE SD-WAN Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-maapi-privesc-KSUg7QSS",
"defect": [
[
"CSCvu26766"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34725",
"datePublished": "2021-09-23T02:26:19.249372Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:58:45.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34724 (GCVE-0-2021-34724)
Vulnerability from cvelistv5
Published
2021-09-23 02:26
Modified
2024-11-07 21:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE SD-WAN Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:06.198044Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:58:53.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE SD-WAN Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:26:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
}
],
"source": {
"advisory": "cisco-sa-iosxesdwan-privesc-VP4FG3jD",
"defect": [
[
"CSCvw54117"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-34724",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE SD-WAN Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.0",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
}
]
},
"source": {
"advisory": "cisco-sa-iosxesdwan-privesc-VP4FG3jD",
"defect": [
[
"CSCvw54117"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34724",
"datePublished": "2021-09-23T02:26:14.010725Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:58:53.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1278 (GCVE-0-2021-1278)
Vulnerability from cvelistv5
Published
2021-01-20 19:56
Modified
2024-11-12 20:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:05:59.298624Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:25:12.150Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T19:56:27",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Denial of Service Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1278",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Denial of Service Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1278",
"datePublished": "2021-01-20T19:56:27.964347Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:25:12.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1529 (GCVE-0-2021-1529)
Vulnerability from cvelistv5
Published
2021-10-21 02:45
Modified
2024-11-07 21:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE SD-WAN Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1529",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:50.706618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:47:38.698Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE SD-WAN Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-21T02:45:10",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
}
],
"source": {
"advisory": "cisco-sa-sd-wan-rhpbE34A",
"defect": [
[
"CSCvx50713"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-20T16:00:00",
"ID": "CVE-2021-1529",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE SD-WAN Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
}
]
},
"source": {
"advisory": "cisco-sa-sd-wan-rhpbE34A",
"defect": [
[
"CSCvx50713"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1529",
"datePublished": "2021-10-21T02:45:10.183174Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T21:47:38.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1274 (GCVE-0-2021-1274)
Vulnerability from cvelistv5
Published
2021-01-20 19:56
Modified
2024-11-12 20:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1274",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:05:40.920927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:24:31.551Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T19:56:47",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Denial of Service Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1274",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Denial of Service Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1274",
"datePublished": "2021-01-20T19:56:47.754679Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:24:31.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1619 (GCVE-0-2021-1619)
Vulnerability from cvelistv5
Published
2021-09-23 02:30
Modified
2024-11-07 21:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:11.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1619",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:55:52.696954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:57:46.001Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:30:55",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
}
],
"source": {
"advisory": "cisco-sa-aaa-Yx47ZT8Q",
"defect": [
[
"CSCvt53563"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-1619",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-824"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
}
]
},
"source": {
"advisory": "cisco-sa-aaa-Yx47ZT8Q",
"defect": [
[
"CSCvt53563"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1619",
"datePublished": "2021-09-23T02:30:56.078204Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T21:57:46.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3216 (GCVE-0-2020-3216)
Vulnerability from cvelistv5
Published
2020-06-03 17:41
Modified
2024-11-15 17:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-auth-b-NzwhJHH7 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE SD-WAN Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:56.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200603 Cisco IOS XE SD-WAN Software Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-auth-b-NzwhJHH7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3216",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:24:22.248950Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:16:51.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE SD-WAN Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-03T17:41:22",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200603 Cisco IOS XE SD-WAN Software Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-auth-b-NzwhJHH7"
}
],
"source": {
"advisory": "cisco-sa-auth-b-NzwhJHH7",
"defect": [
[
"CSCvk38480"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Authentication Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-06-03T16:00:00",
"ID": "CVE-2020-3216",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Authentication Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE SD-WAN Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200603 Cisco IOS XE SD-WAN Software Authentication Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-auth-b-NzwhJHH7"
}
]
},
"source": {
"advisory": "cisco-sa-auth-b-NzwhJHH7",
"defect": [
[
"CSCvk38480"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3216",
"datePublished": "2020-06-03T17:41:22.604437Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:16:51.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20352 (GCVE-0-2025-20352)
Vulnerability from cvelistv5
Published
2025-09-24 17:10
Modified
2025-09-30 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:
An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials.
An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device.
An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks.
This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.
Note: This vulnerability affects all versions of SNMP.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | IOS |
Version: 12.2(55)SE Version: 12.2(55)SE3 Version: 12.2(55)SE2 Version: 12.2(58)SE Version: 12.2(55)SE1 Version: 12.2(58)SE1 Version: 12.2(55)SE4 Version: 12.2(58)SE2 Version: 12.2(55)SE5 Version: 12.2(55)SE6 Version: 12.2(55)SE7 Version: 12.2(55)SE8 Version: 12.2(55)SE9 Version: 12.2(55)SE10 Version: 12.2(55)SE11 Version: 12.2(55)SE12 Version: 12.2(55)SE13 Version: 12.2(58)EZ Version: 12.2(53)EZ Version: 12.2(55)EZ Version: 12.2(60)EZ Version: 12.2(60)EZ1 Version: 12.2(60)EZ2 Version: 12.2(60)EZ3 Version: 12.2(60)EZ4 Version: 12.2(60)EZ5 Version: 12.2(60)EZ6 Version: 12.2(60)EZ7 Version: 12.2(60)EZ8 Version: 12.2(60)EZ9 Version: 12.2(60)EZ10 Version: 12.2(60)EZ11 Version: 12.2(60)EZ12 Version: 12.2(60)EZ13 Version: 12.2(60)EZ14 Version: 12.2(60)EZ15 Version: 12.2(33)SXI2 Version: 12.2(33)SXI3 Version: 12.2(33)SXI5 Version: 12.2(33)SXI4a Version: 12.2(33)SXI4 Version: 12.2(33)SXI2a Version: 12.2(33)SXI Version: 12.2(33)SXI6 Version: 12.2(33)SXI7 Version: 12.2(33)SXI1 Version: 12.2(33)SXI8 Version: 12.2(33)SXI9 Version: 12.2(33)SXI8a Version: 12.2(33)SXI10 Version: 12.2(33)SXI11 Version: 12.2(33)SXI12 Version: 12.2(33)SXI13 Version: 12.2(33)SXI14 Version: 12.2(50)SQ2 Version: 12.2(50)SQ1 Version: 12.2(50)SQ Version: 12.2(50)SQ3 Version: 12.2(50)SQ4 Version: 12.2(50)SQ5 Version: 12.2(50)SQ6 Version: 12.2(50)SQ7 Version: 15.3(1)T Version: 15.3(2)T Version: 15.3(1)T1 Version: 15.3(1)T2 Version: 15.3(1)T3 Version: 15.3(1)T4 Version: 15.3(2)T1 Version: 15.3(2)T2 Version: 15.3(2)T3 Version: 15.3(2)T4 Version: 15.0(1)EY Version: 15.0(1)EY1 Version: 15.0(1)EY2 Version: 15.0(2)EY Version: 15.0(2)EY1 Version: 15.0(2)EY2 Version: 15.0(2)EY3 Version: 15.0(1)SE Version: 15.0(2)SE Version: 15.0(1)SE1 Version: 15.0(1)SE2 Version: 15.0(1)SE3 Version: 15.0(2)SE1 Version: 15.0(2)SE2 Version: 15.0(2)SE3 Version: 15.0(2)SE4 Version: 15.0(2)SE5 Version: 15.0(2)SE6 Version: 15.0(2)SE7 Version: 15.0(2)SE8 Version: 15.0(2)SE9 Version: 15.0(2)SE10 Version: 15.0(2)SE11 Version: 15.0(2)SE10a Version: 15.0(2)SE12 Version: 15.0(2)SE13 Version: 15.0(1)SY Version: 15.0(1)SY1 Version: 15.0(1)SY2 Version: 15.0(1)SY3 Version: 15.0(1)SY4 Version: 15.0(1)SY5 Version: 15.0(1)SY6 Version: 15.0(1)SY7 Version: 15.0(1)SY8 Version: 15.0(1)SY7a Version: 15.0(1)SY9 Version: 15.0(1)SY10 Version: 12.2(33)SXJ Version: 12.2(33)SXJ1 Version: 12.2(33)SXJ2 Version: 12.2(33)SXJ3 Version: 12.2(33)SXJ4 Version: 12.2(33)SXJ5 Version: 12.2(33)SXJ6 Version: 12.2(33)SXJ7 Version: 12.2(33)SXJ8 Version: 12.2(33)SXJ9 Version: 12.2(33)SXJ10 Version: 15.1(1)SG Version: 15.1(2)SG Version: 15.1(1)SG1 Version: 15.1(1)SG2 Version: 15.1(2)SG1 Version: 15.1(2)SG2 Version: 15.1(2)SG3 Version: 15.1(2)SG4 Version: 15.1(2)SG5 Version: 15.1(2)SG6 Version: 15.1(2)SG7 Version: 15.1(2)SG8 Version: 15.2(4)M Version: 15.2(4)M1 Version: 15.2(4)M2 Version: 15.2(4)M4 Version: 15.2(4)M3 Version: 15.2(4)M5 Version: 15.2(4)M8 Version: 15.2(4)M10 Version: 15.2(4)M7 Version: 15.2(4)M6 Version: 15.2(4)M9 Version: 15.2(4)M6a Version: 15.2(4)M11 Version: 15.0(2)SG Version: 15.0(2)SG1 Version: 15.0(2)SG2 Version: 15.0(2)SG3 Version: 15.0(2)SG4 Version: 15.0(2)SG5 Version: 15.0(2)SG6 Version: 15.0(2)SG7 Version: 15.0(2)SG8 Version: 15.0(2)SG9 Version: 15.0(2)SG10 Version: 15.0(2)SG11 Version: 15.2(2)GC Version: 15.2(3)GC Version: 15.2(3)GC1 Version: 15.2(4)GC Version: 15.2(4)GC1 Version: 15.2(4)GC2 Version: 15.2(4)GC3 Version: 15.1(1)SY Version: 15.1(1)SY1 Version: 15.1(2)SY Version: 15.1(2)SY1 Version: 15.1(2)SY2 Version: 15.1(1)SY2 Version: 15.1(1)SY3 Version: 15.1(2)SY3 Version: 15.1(1)SY4 Version: 15.1(2)SY4 Version: 15.1(1)SY5 Version: 15.1(2)SY5 Version: 15.1(2)SY4a Version: 15.1(1)SY6 Version: 15.1(2)SY6 Version: 15.1(2)SY7 Version: 15.1(2)SY8 Version: 15.1(2)SY9 Version: 15.1(2)SY10 Version: 15.1(2)SY11 Version: 15.1(2)SY12 Version: 15.1(2)SY13 Version: 15.1(2)SY14 Version: 15.1(2)SY15 Version: 15.1(2)SY16 Version: 15.4(1)T Version: 15.4(2)T Version: 15.4(1)T2 Version: 15.4(1)T1 Version: 15.4(1)T3 Version: 15.4(2)T1 Version: 15.4(2)T3 Version: 15.4(2)T2 Version: 15.4(1)T4 Version: 15.4(2)T4 Version: 15.0(2)EA Version: 15.0(2)EA1 Version: 15.2(1)E Version: 15.2(2)E Version: 15.2(1)E1 Version: 15.2(3)E Version: 15.2(1)E2 Version: 15.2(1)E3 Version: 15.2(2)E1 Version: 15.2(4)E Version: 15.2(3)E1 Version: 15.2(2)E2 Version: 15.2(2a)E1 Version: 15.2(2)E3 Version: 15.2(2a)E2 Version: 15.2(3)E2 Version: 15.2(3a)E Version: 15.2(3)E3 Version: 15.2(4)E1 Version: 15.2(2)E4 Version: 15.2(2)E5 Version: 15.2(4)E2 Version: 15.2(3)E4 Version: 15.2(5)E Version: 15.2(4)E3 Version: 15.2(2)E6 Version: 15.2(5a)E Version: 15.2(5)E1 Version: 15.2(5b)E Version: 15.2(2)E5a Version: 15.2(5c)E Version: 15.2(2)E5b Version: 15.2(5a)E1 Version: 15.2(4)E4 Version: 15.2(2)E7 Version: 15.2(5)E2 Version: 15.2(6)E Version: 15.2(4)E5 Version: 15.2(5)E2c Version: 15.2(2)E8 Version: 15.2(6)E0a Version: 15.2(6)E1 Version: 15.2(6)E0c Version: 15.2(4)E6 Version: 15.2(6)E2 Version: 15.2(2)E9 Version: 15.2(4)E7 Version: 15.2(7)E Version: 15.2(2)E10 Version: 15.2(4)E8 Version: 15.2(6)E2a Version: 15.2(6)E2b Version: 15.2(7)E1 Version: 15.2(7)E0a Version: 15.2(7)E0b Version: 15.2(7)E0s Version: 15.2(6)E3 Version: 15.2(4)E9 Version: 15.2(7)E2 Version: 15.2(7a)E0b Version: 15.2(4)E10 Version: 15.2(7)E3 Version: 15.2(7)E1a Version: 15.2(7b)E0b Version: 15.2(7)E2a Version: 15.2(4)E10a Version: 15.2(7)E4 Version: 15.2(7)E3k Version: 15.2(8)E Version: 15.2(8)E1 Version: 15.2(7)E5 Version: 15.2(7)E6 Version: 15.2(8)E2 Version: 15.2(4)E10d Version: 15.2(7)E7 Version: 15.2(8)E3 Version: 15.2(7)E8 Version: 15.2(8)E4 Version: 15.2(7)E9 Version: 15.2(8)E5 Version: 15.2(8)E6 Version: 15.2(7)E10 Version: 15.2(7)E11 Version: 15.2(8)E7 Version: 15.2(7)E12 Version: 15.2(2)JB Version: 15.2(2)JB2 Version: 15.2(4)JB Version: 15.2(2)JB3 Version: 15.2(4)JB1 Version: 15.2(4)JB2 Version: 15.2(4)JB3 Version: 15.2(4)JB3a Version: 15.2(2)JB4 Version: 15.2(4)JB4 Version: 15.2(4)JB3h Version: 15.2(4)JB3b Version: 15.2(4)JB5 Version: 15.2(4)JB6 Version: 15.2(2)JB5 Version: 15.2(2)JB6 Version: 15.2(2)JAX Version: 15.3(3)M Version: 15.3(3)M1 Version: 15.3(3)M2 Version: 15.3(3)M3 Version: 15.3(3)M5 Version: 15.3(3)M4 Version: 15.3(3)M6 Version: 15.3(3)M7 Version: 15.3(3)M8 Version: 15.3(3)M9 Version: 15.3(3)M10 Version: 15.3(3)M8a Version: 15.2(4)JN Version: 15.2(1)EY Version: 15.0(2)EJ Version: 15.0(2)EJ1 Version: 15.2(1)SY Version: 15.2(1)SY1 Version: 15.2(1)SY0a Version: 15.2(1)SY2 Version: 15.2(2)SY Version: 15.2(1)SY1a Version: 15.2(2)SY1 Version: 15.2(2)SY2 Version: 15.2(1)SY3 Version: 15.2(1)SY4 Version: 15.2(2)SY3 Version: 15.2(1)SY5 Version: 15.2(1)SY6 Version: 15.2(1)SY7 Version: 15.2(1)SY8 Version: 15.2(5)EX Version: 15.0(2)EK Version: 15.0(2)EK1 Version: 15.4(1)CG Version: 15.4(1)CG1 Version: 15.4(2)CG Version: 15.5(1)S Version: 15.5(2)S Version: 15.5(1)S1 Version: 15.5(3)S Version: 15.5(1)S2 Version: 15.5(1)S3 Version: 15.5(2)S1 Version: 15.5(2)S2 Version: 15.5(3)S1 Version: 15.5(3)S1a Version: 15.5(2)S3 Version: 15.5(3)S2 Version: 15.5(3)S0a Version: 15.5(3)S3 Version: 15.5(1)S4 Version: 15.5(2)S4 Version: 15.5(3)S4 Version: 15.5(3)S5 Version: 15.5(3)S6 Version: 15.5(3)S6a Version: 15.5(3)S7 Version: 15.5(3)S6b Version: 15.5(3)S8 Version: 15.5(3)S9 Version: 15.5(3)S10 Version: 15.5(3)S9a Version: 15.5(1)T Version: 15.5(1)T1 Version: 15.5(2)T Version: 15.5(1)T2 Version: 15.5(1)T3 Version: 15.5(2)T1 Version: 15.5(2)T2 Version: 15.5(2)T3 Version: 15.5(2)T4 Version: 15.5(1)T4 Version: 15.2(2)EA Version: 15.2(2)EA1 Version: 15.2(2)EA2 Version: 15.2(3)EA Version: 15.2(4)EA Version: 15.2(4)EA1 Version: 15.2(2)EA3 Version: 15.2(4)EA3 Version: 15.2(5)EA Version: 15.2(4)EA4 Version: 15.2(4)EA5 Version: 15.2(4)EA6 Version: 15.2(4)EA7 Version: 15.2(4)EA8 Version: 15.2(4)EA9 Version: 15.2(4)EA9a Version: 15.3(3)JN3 Version: 15.3(3)JN4 Version: 15.3(3)JN7 Version: 15.3(3)JN8 Version: 15.3(3)JN9 Version: 15.5(3)M Version: 15.5(3)M1 Version: 15.5(3)M0a Version: 15.5(3)M2 Version: 15.5(3)M3 Version: 15.5(3)M4 Version: 15.5(3)M4a Version: 15.5(3)M5 Version: 15.5(3)M6 Version: 15.5(3)M7 Version: 15.5(3)M6a Version: 15.5(3)M8 Version: 15.5(3)M9 Version: 15.5(3)M10 Version: 15.3(3)JA1m Version: 15.3(3)JA1 Version: 15.3(3)JA4 Version: 15.3(3)JA5 Version: 15.3(3)JA6 Version: 15.3(3)JA7 Version: 15.3(3)JA8 Version: 15.3(3)JA10 Version: 15.3(3)JA11 Version: 15.3(3)JA12 Version: 15.3(3)JAA Version: 15.3(3)JAA11 Version: 15.3(3)JAA12 Version: 15.3(3)JAB Version: 15.3(3)JB Version: 15.5(3)SN Version: 15.0(2)SQD Version: 15.0(2)SQD1 Version: 15.0(2)SQD2 Version: 15.0(2)SQD3 Version: 15.0(2)SQD4 Version: 15.0(2)SQD5 Version: 15.0(2)SQD6 Version: 15.0(2)SQD7 Version: 15.0(2)SQD8 Version: 15.6(1)S Version: 15.6(2)S Version: 15.6(2)S1 Version: 15.6(1)S1 Version: 15.6(1)S2 Version: 15.6(2)S2 Version: 15.6(1)S3 Version: 15.6(2)S3 Version: 15.6(1)S4 Version: 15.6(2)S4 Version: 15.6(1)T Version: 15.6(2)T Version: 15.6(1)T0a Version: 15.6(1)T1 Version: 15.6(2)T1 Version: 15.6(1)T2 Version: 15.6(2)T2 Version: 15.6(1)T3 Version: 15.6(2)T3 Version: 15.3(3)JNB Version: 15.3(3)JNB1 Version: 15.3(3)JNB2 Version: 15.3(3)JNB3 Version: 15.3(3)JNB4 Version: 15.3(3)JNB6 Version: 15.3(3)JNB5 Version: 15.3(3)JAX Version: 15.3(3)JAX1 Version: 15.3(3)JAX2 Version: 15.3(3)JBB Version: 15.3(3)JBB1 Version: 15.3(3)JBB2 Version: 15.3(3)JBB4 Version: 15.3(3)JBB5 Version: 15.3(3)JBB6 Version: 15.3(3)JBB8 Version: 15.3(3)JBB6a Version: 15.3(3)JC Version: 15.3(3)JC1 Version: 15.3(3)JC2 Version: 15.3(3)JC3 Version: 15.3(3)JC4 Version: 15.3(3)JC5 Version: 15.3(3)JC6 Version: 15.3(3)JC8 Version: 15.3(3)JC9 Version: 15.3(3)JC14 Version: 15.3(1)SY Version: 15.3(1)SY1 Version: 15.3(1)SY2 Version: 15.3(3)JNC Version: 15.3(3)JNC1 Version: 15.3(3)JNC4 Version: 15.3(3)JNP Version: 15.3(3)JNP1 Version: 15.3(3)JNP3 Version: 15.6(2)SP Version: 15.6(2)SP1 Version: 15.6(2)SP2 Version: 15.6(2)SP3 Version: 15.6(2)SP4 Version: 15.6(2)SP5 Version: 15.6(2)SP6 Version: 15.6(2)SP7 Version: 15.6(2)SP8 Version: 15.6(2)SP9 Version: 15.6(2)SN Version: 15.3(3)JPB Version: 15.3(3)JPB1 Version: 15.3(3)JD Version: 15.3(3)JD2 Version: 15.3(3)JD3 Version: 15.3(3)JD4 Version: 15.3(3)JD5 Version: 15.3(3)JD6 Version: 15.3(3)JD7 Version: 15.3(3)JD8 Version: 15.3(3)JD9 Version: 15.3(3)JD11 Version: 15.3(3)JD13 Version: 15.3(3)JD14 Version: 15.3(3)JD16 Version: 15.3(3)JD17 Version: 15.6(3)M Version: 15.6(3)M1 Version: 15.6(3)M0a Version: 15.6(3)M1b Version: 15.6(3)M2 Version: 15.6(3)M2a Version: 15.6(3)M3 Version: 15.6(3)M3a Version: 15.6(3)M4 Version: 15.6(3)M5 Version: 15.6(3)M6 Version: 15.6(3)M7 Version: 15.6(3)M6a Version: 15.6(3)M6b Version: 15.6(3)M8 Version: 15.6(3)M9 Version: 15.2(4)EC1 Version: 15.2(4)EC2 Version: 15.3(3)JPC Version: 15.3(3)JPC1 Version: 15.3(3)JPC2 Version: 15.3(3)JPC3 Version: 15.3(3)JPC5 Version: 15.3(3)JND Version: 15.3(3)JND1 Version: 15.3(3)JND2 Version: 15.3(3)JND3 Version: 15.4(1)SY Version: 15.4(1)SY1 Version: 15.4(1)SY2 Version: 15.4(1)SY3 Version: 15.4(1)SY4 Version: 15.3(3)JE Version: 15.3(3)JPD Version: 15.3(3)JDA7 Version: 15.3(3)JDA8 Version: 15.3(3)JDA9 Version: 15.3(3)JDA11 Version: 15.3(3)JDA13 Version: 15.3(3)JDA14 Version: 15.3(3)JDA16 Version: 15.3(3)JDA17 Version: 15.5(1)SY Version: 15.5(1)SY1 Version: 15.5(1)SY2 Version: 15.5(1)SY3 Version: 15.5(1)SY4 Version: 15.5(1)SY5 Version: 15.5(1)SY6 Version: 15.5(1)SY7 Version: 15.5(1)SY8 Version: 15.5(1)SY9 Version: 15.5(1)SY10 Version: 15.5(1)SY11 Version: 15.5(1)SY12 Version: 15.5(1)SY13 Version: 15.5(1)SY14 Version: 15.5(1)SY15 Version: 15.3(3)JF Version: 15.3(3)JF1 Version: 15.3(3)JF2 Version: 15.3(3)JF4 Version: 15.3(3)JF5 Version: 15.3(3)JF6 Version: 15.3(3)JF7 Version: 15.3(3)JF8 Version: 15.3(3)JF9 Version: 15.3(3)JF10 Version: 15.3(3)JF11 Version: 15.3(3)JF12 Version: 15.3(3)JF12i Version: 15.3(3)JF14 Version: 15.3(3)JF14i Version: 15.3(3)JF15 Version: 15.3(3)JCA7 Version: 15.3(3)JCA8 Version: 15.3(3)JCA9 Version: 15.7(3)M Version: 15.7(3)M1 Version: 15.7(3)M0a Version: 15.7(3)M3 Version: 15.7(3)M2 Version: 15.7(3)M4 Version: 15.7(3)M5 Version: 15.7(3)M4a Version: 15.7(3)M4b Version: 15.7(3)M6 Version: 15.7(3)M7 Version: 15.7(3)M8 Version: 15.7(3)M9 Version: 15.3(3)JG Version: 15.3(3)JG1 Version: 15.3(3)JH Version: 15.3(3)JH1 Version: 15.3(3)JI1 Version: 15.3(3)JI3 Version: 15.3(3)JI4 Version: 15.3(3)JI5 Version: 15.3(3)JI6 Version: 15.8(3)M Version: 15.8(3)M1 Version: 15.8(3)M0a Version: 15.8(3)M0b Version: 15.8(3)M2 Version: 15.8(3)M1a Version: 15.8(3)M3 Version: 15.8(3)M2a Version: 15.8(3)M4 Version: 15.8(3)M3a Version: 15.8(3)M3b Version: 15.8(3)M5 Version: 15.8(3)M6 Version: 15.8(3)M7 Version: 15.8(3)M8 Version: 15.8(3)M9 Version: 15.9(3)M Version: 15.9(3)M1 Version: 15.9(3)M0a Version: 15.9(3)M2 Version: 15.9(3)M3 Version: 15.9(3)M2a Version: 15.9(3)M3a Version: 15.9(3)M4 Version: 15.9(3)M3b Version: 15.9(3)M5 Version: 15.9(3)M4a Version: 15.9(3)M6 Version: 15.9(3)M7 Version: 15.9(3)M6a Version: 15.9(3)M6b Version: 15.9(3)M8 Version: 15.9(3)M7a Version: 15.9(3)M9 Version: 15.9(3)M8b Version: 15.9(3)M10 Version: 15.9(3)M11 Version: 15.3(3)JK Version: 15.3(3)JK1 Version: 15.3(3)JK2 Version: 15.3(3)JK3 Version: 15.3(3)JK2a Version: 15.3(3)JK1t Version: 15.3(3)JK4 Version: 15.3(3)JK5 Version: 15.3(3)JK6 Version: 15.3(3)JK7 Version: 15.3(3)JK8 Version: 15.3(3)JK8a Version: 15.3(3)JK8b Version: 15.3(3)JK9 Version: 15.3(3)JK10 Version: 15.3(3)JK11 Version: 15.3(3)JJ Version: 15.3(3)JJ1 Version: 15.3(3)JPI1 Version: 15.3(3)JPI4 Version: 15.3(3)JPI1t Version: 15.3(3)JPI5 Version: 15.3(3)JPI7 Version: 15.3(3)JPI6a Version: 15.3(3)JPI8a Version: 15.3(3)JPI9 Version: 15.3(3)JPI10 Version: 15.3(3)JPJ2 Version: 15.3(3)JPJ3 Version: 15.3(3)JPJ2t Version: 15.3(3)JPJ3a Version: 15.3(3)JPJ4 Version: 15.3(3)JPJ5 Version: 15.3(3)JPJ6 Version: 15.3(3)JPJ7 Version: 15.3(3)JPJ7c Version: 15.3(3)JPJ8a Version: 15.3(3)JPJ9 Version: 15.3(3)JPJ10 Version: 15.3(3)JPJ11 Version: 15.3(3)JPK Version: 15.3(3)JPK1 Version: 15.3(3)JPK2 Version: 15.3(3)JPK3 Version: 15.3(3)JPK4 Version: 15.3(3)JPK5 Version: 15.3(3)JPK6 Version: 15.3(3)JPK7 Version: 15.3(3)JPK8 Version: 15.3(3)JPK9 Version: 15.3(3)JPL Version: 15.3(3)JPM Version: 15.3(3)JPN Version: 15.3(3)JPN1 Version: 15.3(3)JPN2 Version: 15.3(3)JPN3 Version: 15.3(3)JPN4 Version: 15.3(3)JPN5 Version: 15.3(3)JPN6 Version: 15.3(3)JPO Version: 15.3(3)JPP Version: 15.3(3)JPQ Version: 15.3(3)JPQ1 Version: 15.3(3)JPQ2 Version: 15.3(3)JPQ3 Version: 15.3(3)JPQ4 Version: 15.3(3)JPQ5 Version: 15.3(3)JPR Version: 15.3(3)JPS Version: 15.3(3)JPT Version: 15.3(3)JPT1 Version: 15.3(3)JPT2 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20352",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-24T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-09-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20352"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T22:20:24.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2025-09-29T00:00:00+00:00",
"value": "CVE-2025-20352 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.2(55)SE"
},
{
"status": "affected",
"version": "12.2(55)SE3"
},
{
"status": "affected",
"version": "12.2(55)SE2"
},
{
"status": "affected",
"version": "12.2(58)SE"
},
{
"status": "affected",
"version": "12.2(55)SE1"
},
{
"status": "affected",
"version": "12.2(58)SE1"
},
{
"status": "affected",
"version": "12.2(55)SE4"
},
{
"status": "affected",
"version": "12.2(58)SE2"
},
{
"status": "affected",
"version": "12.2(55)SE5"
},
{
"status": "affected",
"version": "12.2(55)SE6"
},
{
"status": "affected",
"version": "12.2(55)SE7"
},
{
"status": "affected",
"version": "12.2(55)SE8"
},
{
"status": "affected",
"version": "12.2(55)SE9"
},
{
"status": "affected",
"version": "12.2(55)SE10"
},
{
"status": "affected",
"version": "12.2(55)SE11"
},
{
"status": "affected",
"version": "12.2(55)SE12"
},
{
"status": "affected",
"version": "12.2(55)SE13"
},
{
"status": "affected",
"version": "12.2(58)EZ"
},
{
"status": "affected",
"version": "12.2(53)EZ"
},
{
"status": "affected",
"version": "12.2(55)EZ"
},
{
"status": "affected",
"version": "12.2(60)EZ"
},
{
"status": "affected",
"version": "12.2(60)EZ1"
},
{
"status": "affected",
"version": "12.2(60)EZ2"
},
{
"status": "affected",
"version": "12.2(60)EZ3"
},
{
"status": "affected",
"version": "12.2(60)EZ4"
},
{
"status": "affected",
"version": "12.2(60)EZ5"
},
{
"status": "affected",
"version": "12.2(60)EZ6"
},
{
"status": "affected",
"version": "12.2(60)EZ7"
},
{
"status": "affected",
"version": "12.2(60)EZ8"
},
{
"status": "affected",
"version": "12.2(60)EZ9"
},
{
"status": "affected",
"version": "12.2(60)EZ10"
},
{
"status": "affected",
"version": "12.2(60)EZ11"
},
{
"status": "affected",
"version": "12.2(60)EZ12"
},
{
"status": "affected",
"version": "12.2(60)EZ13"
},
{
"status": "affected",
"version": "12.2(60)EZ14"
},
{
"status": "affected",
"version": "12.2(60)EZ15"
},
{
"status": "affected",
"version": "12.2(33)SXI2"
},
{
"status": "affected",
"version": "12.2(33)SXI3"
},
{
"status": "affected",
"version": "12.2(33)SXI5"
},
{
"status": "affected",
"version": "12.2(33)SXI4a"
},
{
"status": "affected",
"version": "12.2(33)SXI4"
},
{
"status": "affected",
"version": "12.2(33)SXI2a"
},
{
"status": "affected",
"version": "12.2(33)SXI"
},
{
"status": "affected",
"version": "12.2(33)SXI6"
},
{
"status": "affected",
"version": "12.2(33)SXI7"
},
{
"status": "affected",
"version": "12.2(33)SXI1"
},
{
"status": "affected",
"version": "12.2(33)SXI8"
},
{
"status": "affected",
"version": "12.2(33)SXI9"
},
{
"status": "affected",
"version": "12.2(33)SXI8a"
},
{
"status": "affected",
"version": "12.2(33)SXI10"
},
{
"status": "affected",
"version": "12.2(33)SXI11"
},
{
"status": "affected",
"version": "12.2(33)SXI12"
},
{
"status": "affected",
"version": "12.2(33)SXI13"
},
{
"status": "affected",
"version": "12.2(33)SXI14"
},
{
"status": "affected",
"version": "12.2(50)SQ2"
},
{
"status": "affected",
"version": "12.2(50)SQ1"
},
{
"status": "affected",
"version": "12.2(50)SQ"
},
{
"status": "affected",
"version": "12.2(50)SQ3"
},
{
"status": "affected",
"version": "12.2(50)SQ4"
},
{
"status": "affected",
"version": "12.2(50)SQ5"
},
{
"status": "affected",
"version": "12.2(50)SQ6"
},
{
"status": "affected",
"version": "12.2(50)SQ7"
},
{
"status": "affected",
"version": "15.3(1)T"
},
{
"status": "affected",
"version": "15.3(2)T"
},
{
"status": "affected",
"version": "15.3(1)T1"
},
{
"status": "affected",
"version": "15.3(1)T2"
},
{
"status": "affected",
"version": "15.3(1)T3"
},
{
"status": "affected",
"version": "15.3(1)T4"
},
{
"status": "affected",
"version": "15.3(2)T1"
},
{
"status": "affected",
"version": "15.3(2)T2"
},
{
"status": "affected",
"version": "15.3(2)T3"
},
{
"status": "affected",
"version": "15.3(2)T4"
},
{
"status": "affected",
"version": "15.0(1)EY"
},
{
"status": "affected",
"version": "15.0(1)EY1"
},
{
"status": "affected",
"version": "15.0(1)EY2"
},
{
"status": "affected",
"version": "15.0(2)EY"
},
{
"status": "affected",
"version": "15.0(2)EY1"
},
{
"status": "affected",
"version": "15.0(2)EY2"
},
{
"status": "affected",
"version": "15.0(2)EY3"
},
{
"status": "affected",
"version": "15.0(1)SE"
},
{
"status": "affected",
"version": "15.0(2)SE"
},
{
"status": "affected",
"version": "15.0(1)SE1"
},
{
"status": "affected",
"version": "15.0(1)SE2"
},
{
"status": "affected",
"version": "15.0(1)SE3"
},
{
"status": "affected",
"version": "15.0(2)SE1"
},
{
"status": "affected",
"version": "15.0(2)SE2"
},
{
"status": "affected",
"version": "15.0(2)SE3"
},
{
"status": "affected",
"version": "15.0(2)SE4"
},
{
"status": "affected",
"version": "15.0(2)SE5"
},
{
"status": "affected",
"version": "15.0(2)SE6"
},
{
"status": "affected",
"version": "15.0(2)SE7"
},
{
"status": "affected",
"version": "15.0(2)SE8"
},
{
"status": "affected",
"version": "15.0(2)SE9"
},
{
"status": "affected",
"version": "15.0(2)SE10"
},
{
"status": "affected",
"version": "15.0(2)SE11"
},
{
"status": "affected",
"version": "15.0(2)SE10a"
},
{
"status": "affected",
"version": "15.0(2)SE12"
},
{
"status": "affected",
"version": "15.0(2)SE13"
},
{
"status": "affected",
"version": "15.0(1)SY"
},
{
"status": "affected",
"version": "15.0(1)SY1"
},
{
"status": "affected",
"version": "15.0(1)SY2"
},
{
"status": "affected",
"version": "15.0(1)SY3"
},
{
"status": "affected",
"version": "15.0(1)SY4"
},
{
"status": "affected",
"version": "15.0(1)SY5"
},
{
"status": "affected",
"version": "15.0(1)SY6"
},
{
"status": "affected",
"version": "15.0(1)SY7"
},
{
"status": "affected",
"version": "15.0(1)SY8"
},
{
"status": "affected",
"version": "15.0(1)SY7a"
},
{
"status": "affected",
"version": "15.0(1)SY9"
},
{
"status": "affected",
"version": "15.0(1)SY10"
},
{
"status": "affected",
"version": "12.2(33)SXJ"
},
{
"status": "affected",
"version": "12.2(33)SXJ1"
},
{
"status": "affected",
"version": "12.2(33)SXJ2"
},
{
"status": "affected",
"version": "12.2(33)SXJ3"
},
{
"status": "affected",
"version": "12.2(33)SXJ4"
},
{
"status": "affected",
"version": "12.2(33)SXJ5"
},
{
"status": "affected",
"version": "12.2(33)SXJ6"
},
{
"status": "affected",
"version": "12.2(33)SXJ7"
},
{
"status": "affected",
"version": "12.2(33)SXJ8"
},
{
"status": "affected",
"version": "12.2(33)SXJ9"
},
{
"status": "affected",
"version": "12.2(33)SXJ10"
},
{
"status": "affected",
"version": "15.1(1)SG"
},
{
"status": "affected",
"version": "15.1(2)SG"
},
{
"status": "affected",
"version": "15.1(1)SG1"
},
{
"status": "affected",
"version": "15.1(1)SG2"
},
{
"status": "affected",
"version": "15.1(2)SG1"
},
{
"status": "affected",
"version": "15.1(2)SG2"
},
{
"status": "affected",
"version": "15.1(2)SG3"
},
{
"status": "affected",
"version": "15.1(2)SG4"
},
{
"status": "affected",
"version": "15.1(2)SG5"
},
{
"status": "affected",
"version": "15.1(2)SG6"
},
{
"status": "affected",
"version": "15.1(2)SG7"
},
{
"status": "affected",
"version": "15.1(2)SG8"
},
{
"status": "affected",
"version": "15.2(4)M"
},
{
"status": "affected",
"version": "15.2(4)M1"
},
{
"status": "affected",
"version": "15.2(4)M2"
},
{
"status": "affected",
"version": "15.2(4)M4"
},
{
"status": "affected",
"version": "15.2(4)M3"
},
{
"status": "affected",
"version": "15.2(4)M5"
},
{
"status": "affected",
"version": "15.2(4)M8"
},
{
"status": "affected",
"version": "15.2(4)M10"
},
{
"status": "affected",
"version": "15.2(4)M7"
},
{
"status": "affected",
"version": "15.2(4)M6"
},
{
"status": "affected",
"version": "15.2(4)M9"
},
{
"status": "affected",
"version": "15.2(4)M6a"
},
{
"status": "affected",
"version": "15.2(4)M11"
},
{
"status": "affected",
"version": "15.0(2)SG"
},
{
"status": "affected",
"version": "15.0(2)SG1"
},
{
"status": "affected",
"version": "15.0(2)SG2"
},
{
"status": "affected",
"version": "15.0(2)SG3"
},
{
"status": "affected",
"version": "15.0(2)SG4"
},
{
"status": "affected",
"version": "15.0(2)SG5"
},
{
"status": "affected",
"version": "15.0(2)SG6"
},
{
"status": "affected",
"version": "15.0(2)SG7"
},
{
"status": "affected",
"version": "15.0(2)SG8"
},
{
"status": "affected",
"version": "15.0(2)SG9"
},
{
"status": "affected",
"version": "15.0(2)SG10"
},
{
"status": "affected",
"version": "15.0(2)SG11"
},
{
"status": "affected",
"version": "15.2(2)GC"
},
{
"status": "affected",
"version": "15.2(3)GC"
},
{
"status": "affected",
"version": "15.2(3)GC1"
},
{
"status": "affected",
"version": "15.2(4)GC"
},
{
"status": "affected",
"version": "15.2(4)GC1"
},
{
"status": "affected",
"version": "15.2(4)GC2"
},
{
"status": "affected",
"version": "15.2(4)GC3"
},
{
"status": "affected",
"version": "15.1(1)SY"
},
{
"status": "affected",
"version": "15.1(1)SY1"
},
{
"status": "affected",
"version": "15.1(2)SY"
},
{
"status": "affected",
"version": "15.1(2)SY1"
},
{
"status": "affected",
"version": "15.1(2)SY2"
},
{
"status": "affected",
"version": "15.1(1)SY2"
},
{
"status": "affected",
"version": "15.1(1)SY3"
},
{
"status": "affected",
"version": "15.1(2)SY3"
},
{
"status": "affected",
"version": "15.1(1)SY4"
},
{
"status": "affected",
"version": "15.1(2)SY4"
},
{
"status": "affected",
"version": "15.1(1)SY5"
},
{
"status": "affected",
"version": "15.1(2)SY5"
},
{
"status": "affected",
"version": "15.1(2)SY4a"
},
{
"status": "affected",
"version": "15.1(1)SY6"
},
{
"status": "affected",
"version": "15.1(2)SY6"
},
{
"status": "affected",
"version": "15.1(2)SY7"
},
{
"status": "affected",
"version": "15.1(2)SY8"
},
{
"status": "affected",
"version": "15.1(2)SY9"
},
{
"status": "affected",
"version": "15.1(2)SY10"
},
{
"status": "affected",
"version": "15.1(2)SY11"
},
{
"status": "affected",
"version": "15.1(2)SY12"
},
{
"status": "affected",
"version": "15.1(2)SY13"
},
{
"status": "affected",
"version": "15.1(2)SY14"
},
{
"status": "affected",
"version": "15.1(2)SY15"
},
{
"status": "affected",
"version": "15.1(2)SY16"
},
{
"status": "affected",
"version": "15.4(1)T"
},
{
"status": "affected",
"version": "15.4(2)T"
},
{
"status": "affected",
"version": "15.4(1)T2"
},
{
"status": "affected",
"version": "15.4(1)T1"
},
{
"status": "affected",
"version": "15.4(1)T3"
},
{
"status": "affected",
"version": "15.4(2)T1"
},
{
"status": "affected",
"version": "15.4(2)T3"
},
{
"status": "affected",
"version": "15.4(2)T2"
},
{
"status": "affected",
"version": "15.4(1)T4"
},
{
"status": "affected",
"version": "15.4(2)T4"
},
{
"status": "affected",
"version": "15.0(2)EA"
},
{
"status": "affected",
"version": "15.0(2)EA1"
},
{
"status": "affected",
"version": "15.2(1)E"
},
{
"status": "affected",
"version": "15.2(2)E"
},
{
"status": "affected",
"version": "15.2(1)E1"
},
{
"status": "affected",
"version": "15.2(3)E"
},
{
"status": "affected",
"version": "15.2(1)E2"
},
{
"status": "affected",
"version": "15.2(1)E3"
},
{
"status": "affected",
"version": "15.2(2)E1"
},
{
"status": "affected",
"version": "15.2(4)E"
},
{
"status": "affected",
"version": "15.2(3)E1"
},
{
"status": "affected",
"version": "15.2(2)E2"
},
{
"status": "affected",
"version": "15.2(2a)E1"
},
{
"status": "affected",
"version": "15.2(2)E3"
},
{
"status": "affected",
"version": "15.2(2a)E2"
},
{
"status": "affected",
"version": "15.2(3)E2"
},
{
"status": "affected",
"version": "15.2(3a)E"
},
{
"status": "affected",
"version": "15.2(3)E3"
},
{
"status": "affected",
"version": "15.2(4)E1"
},
{
"status": "affected",
"version": "15.2(2)E4"
},
{
"status": "affected",
"version": "15.2(2)E5"
},
{
"status": "affected",
"version": "15.2(4)E2"
},
{
"status": "affected",
"version": "15.2(3)E4"
},
{
"status": "affected",
"version": "15.2(5)E"
},
{
"status": "affected",
"version": "15.2(4)E3"
},
{
"status": "affected",
"version": "15.2(2)E6"
},
{
"status": "affected",
"version": "15.2(5a)E"
},
{
"status": "affected",
"version": "15.2(5)E1"
},
{
"status": "affected",
"version": "15.2(5b)E"
},
{
"status": "affected",
"version": "15.2(2)E5a"
},
{
"status": "affected",
"version": "15.2(5c)E"
},
{
"status": "affected",
"version": "15.2(2)E5b"
},
{
"status": "affected",
"version": "15.2(5a)E1"
},
{
"status": "affected",
"version": "15.2(4)E4"
},
{
"status": "affected",
"version": "15.2(2)E7"
},
{
"status": "affected",
"version": "15.2(5)E2"
},
{
"status": "affected",
"version": "15.2(6)E"
},
{
"status": "affected",
"version": "15.2(4)E5"
},
{
"status": "affected",
"version": "15.2(5)E2c"
},
{
"status": "affected",
"version": "15.2(2)E8"
},
{
"status": "affected",
"version": "15.2(6)E0a"
},
{
"status": "affected",
"version": "15.2(6)E1"
},
{
"status": "affected",
"version": "15.2(6)E0c"
},
{
"status": "affected",
"version": "15.2(4)E6"
},
{
"status": "affected",
"version": "15.2(6)E2"
},
{
"status": "affected",
"version": "15.2(2)E9"
},
{
"status": "affected",
"version": "15.2(4)E7"
},
{
"status": "affected",
"version": "15.2(7)E"
},
{
"status": "affected",
"version": "15.2(2)E10"
},
{
"status": "affected",
"version": "15.2(4)E8"
},
{
"status": "affected",
"version": "15.2(6)E2a"
},
{
"status": "affected",
"version": "15.2(6)E2b"
},
{
"status": "affected",
"version": "15.2(7)E1"
},
{
"status": "affected",
"version": "15.2(7)E0a"
},
{
"status": "affected",
"version": "15.2(7)E0b"
},
{
"status": "affected",
"version": "15.2(7)E0s"
},
{
"status": "affected",
"version": "15.2(6)E3"
},
{
"status": "affected",
"version": "15.2(4)E9"
},
{
"status": "affected",
"version": "15.2(7)E2"
},
{
"status": "affected",
"version": "15.2(7a)E0b"
},
{
"status": "affected",
"version": "15.2(4)E10"
},
{
"status": "affected",
"version": "15.2(7)E3"
},
{
"status": "affected",
"version": "15.2(7)E1a"
},
{
"status": "affected",
"version": "15.2(7b)E0b"
},
{
"status": "affected",
"version": "15.2(7)E2a"
},
{
"status": "affected",
"version": "15.2(4)E10a"
},
{
"status": "affected",
"version": "15.2(7)E4"
},
{
"status": "affected",
"version": "15.2(7)E3k"
},
{
"status": "affected",
"version": "15.2(8)E"
},
{
"status": "affected",
"version": "15.2(8)E1"
},
{
"status": "affected",
"version": "15.2(7)E5"
},
{
"status": "affected",
"version": "15.2(7)E6"
},
{
"status": "affected",
"version": "15.2(8)E2"
},
{
"status": "affected",
"version": "15.2(4)E10d"
},
{
"status": "affected",
"version": "15.2(7)E7"
},
{
"status": "affected",
"version": "15.2(8)E3"
},
{
"status": "affected",
"version": "15.2(7)E8"
},
{
"status": "affected",
"version": "15.2(8)E4"
},
{
"status": "affected",
"version": "15.2(7)E9"
},
{
"status": "affected",
"version": "15.2(8)E5"
},
{
"status": "affected",
"version": "15.2(8)E6"
},
{
"status": "affected",
"version": "15.2(7)E10"
},
{
"status": "affected",
"version": "15.2(7)E11"
},
{
"status": "affected",
"version": "15.2(8)E7"
},
{
"status": "affected",
"version": "15.2(7)E12"
},
{
"status": "affected",
"version": "15.2(2)JB"
},
{
"status": "affected",
"version": "15.2(2)JB2"
},
{
"status": "affected",
"version": "15.2(4)JB"
},
{
"status": "affected",
"version": "15.2(2)JB3"
},
{
"status": "affected",
"version": "15.2(4)JB1"
},
{
"status": "affected",
"version": "15.2(4)JB2"
},
{
"status": "affected",
"version": "15.2(4)JB3"
},
{
"status": "affected",
"version": "15.2(4)JB3a"
},
{
"status": "affected",
"version": "15.2(2)JB4"
},
{
"status": "affected",
"version": "15.2(4)JB4"
},
{
"status": "affected",
"version": "15.2(4)JB3h"
},
{
"status": "affected",
"version": "15.2(4)JB3b"
},
{
"status": "affected",
"version": "15.2(4)JB5"
},
{
"status": "affected",
"version": "15.2(4)JB6"
},
{
"status": "affected",
"version": "15.2(2)JB5"
},
{
"status": "affected",
"version": "15.2(2)JB6"
},
{
"status": "affected",
"version": "15.2(2)JAX"
},
{
"status": "affected",
"version": "15.3(3)M"
},
{
"status": "affected",
"version": "15.3(3)M1"
},
{
"status": "affected",
"version": "15.3(3)M2"
},
{
"status": "affected",
"version": "15.3(3)M3"
},
{
"status": "affected",
"version": "15.3(3)M5"
},
{
"status": "affected",
"version": "15.3(3)M4"
},
{
"status": "affected",
"version": "15.3(3)M6"
},
{
"status": "affected",
"version": "15.3(3)M7"
},
{
"status": "affected",
"version": "15.3(3)M8"
},
{
"status": "affected",
"version": "15.3(3)M9"
},
{
"status": "affected",
"version": "15.3(3)M10"
},
{
"status": "affected",
"version": "15.3(3)M8a"
},
{
"status": "affected",
"version": "15.2(4)JN"
},
{
"status": "affected",
"version": "15.2(1)EY"
},
{
"status": "affected",
"version": "15.0(2)EJ"
},
{
"status": "affected",
"version": "15.0(2)EJ1"
},
{
"status": "affected",
"version": "15.2(1)SY"
},
{
"status": "affected",
"version": "15.2(1)SY1"
},
{
"status": "affected",
"version": "15.2(1)SY0a"
},
{
"status": "affected",
"version": "15.2(1)SY2"
},
{
"status": "affected",
"version": "15.2(2)SY"
},
{
"status": "affected",
"version": "15.2(1)SY1a"
},
{
"status": "affected",
"version": "15.2(2)SY1"
},
{
"status": "affected",
"version": "15.2(2)SY2"
},
{
"status": "affected",
"version": "15.2(1)SY3"
},
{
"status": "affected",
"version": "15.2(1)SY4"
},
{
"status": "affected",
"version": "15.2(2)SY3"
},
{
"status": "affected",
"version": "15.2(1)SY5"
},
{
"status": "affected",
"version": "15.2(1)SY6"
},
{
"status": "affected",
"version": "15.2(1)SY7"
},
{
"status": "affected",
"version": "15.2(1)SY8"
},
{
"status": "affected",
"version": "15.2(5)EX"
},
{
"status": "affected",
"version": "15.0(2)EK"
},
{
"status": "affected",
"version": "15.0(2)EK1"
},
{
"status": "affected",
"version": "15.4(1)CG"
},
{
"status": "affected",
"version": "15.4(1)CG1"
},
{
"status": "affected",
"version": "15.4(2)CG"
},
{
"status": "affected",
"version": "15.5(1)S"
},
{
"status": "affected",
"version": "15.5(2)S"
},
{
"status": "affected",
"version": "15.5(1)S1"
},
{
"status": "affected",
"version": "15.5(3)S"
},
{
"status": "affected",
"version": "15.5(1)S2"
},
{
"status": "affected",
"version": "15.5(1)S3"
},
{
"status": "affected",
"version": "15.5(2)S1"
},
{
"status": "affected",
"version": "15.5(2)S2"
},
{
"status": "affected",
"version": "15.5(3)S1"
},
{
"status": "affected",
"version": "15.5(3)S1a"
},
{
"status": "affected",
"version": "15.5(2)S3"
},
{
"status": "affected",
"version": "15.5(3)S2"
},
{
"status": "affected",
"version": "15.5(3)S0a"
},
{
"status": "affected",
"version": "15.5(3)S3"
},
{
"status": "affected",
"version": "15.5(1)S4"
},
{
"status": "affected",
"version": "15.5(2)S4"
},
{
"status": "affected",
"version": "15.5(3)S4"
},
{
"status": "affected",
"version": "15.5(3)S5"
},
{
"status": "affected",
"version": "15.5(3)S6"
},
{
"status": "affected",
"version": "15.5(3)S6a"
},
{
"status": "affected",
"version": "15.5(3)S7"
},
{
"status": "affected",
"version": "15.5(3)S6b"
},
{
"status": "affected",
"version": "15.5(3)S8"
},
{
"status": "affected",
"version": "15.5(3)S9"
},
{
"status": "affected",
"version": "15.5(3)S10"
},
{
"status": "affected",
"version": "15.5(3)S9a"
},
{
"status": "affected",
"version": "15.5(1)T"
},
{
"status": "affected",
"version": "15.5(1)T1"
},
{
"status": "affected",
"version": "15.5(2)T"
},
{
"status": "affected",
"version": "15.5(1)T2"
},
{
"status": "affected",
"version": "15.5(1)T3"
},
{
"status": "affected",
"version": "15.5(2)T1"
},
{
"status": "affected",
"version": "15.5(2)T2"
},
{
"status": "affected",
"version": "15.5(2)T3"
},
{
"status": "affected",
"version": "15.5(2)T4"
},
{
"status": "affected",
"version": "15.5(1)T4"
},
{
"status": "affected",
"version": "15.2(2)EA"
},
{
"status": "affected",
"version": "15.2(2)EA1"
},
{
"status": "affected",
"version": "15.2(2)EA2"
},
{
"status": "affected",
"version": "15.2(3)EA"
},
{
"status": "affected",
"version": "15.2(4)EA"
},
{
"status": "affected",
"version": "15.2(4)EA1"
},
{
"status": "affected",
"version": "15.2(2)EA3"
},
{
"status": "affected",
"version": "15.2(4)EA3"
},
{
"status": "affected",
"version": "15.2(5)EA"
},
{
"status": "affected",
"version": "15.2(4)EA4"
},
{
"status": "affected",
"version": "15.2(4)EA5"
},
{
"status": "affected",
"version": "15.2(4)EA6"
},
{
"status": "affected",
"version": "15.2(4)EA7"
},
{
"status": "affected",
"version": "15.2(4)EA8"
},
{
"status": "affected",
"version": "15.2(4)EA9"
},
{
"status": "affected",
"version": "15.2(4)EA9a"
},
{
"status": "affected",
"version": "15.3(3)JN3"
},
{
"status": "affected",
"version": "15.3(3)JN4"
},
{
"status": "affected",
"version": "15.3(3)JN7"
},
{
"status": "affected",
"version": "15.3(3)JN8"
},
{
"status": "affected",
"version": "15.3(3)JN9"
},
{
"status": "affected",
"version": "15.5(3)M"
},
{
"status": "affected",
"version": "15.5(3)M1"
},
{
"status": "affected",
"version": "15.5(3)M0a"
},
{
"status": "affected",
"version": "15.5(3)M2"
},
{
"status": "affected",
"version": "15.5(3)M3"
},
{
"status": "affected",
"version": "15.5(3)M4"
},
{
"status": "affected",
"version": "15.5(3)M4a"
},
{
"status": "affected",
"version": "15.5(3)M5"
},
{
"status": "affected",
"version": "15.5(3)M6"
},
{
"status": "affected",
"version": "15.5(3)M7"
},
{
"status": "affected",
"version": "15.5(3)M6a"
},
{
"status": "affected",
"version": "15.5(3)M8"
},
{
"status": "affected",
"version": "15.5(3)M9"
},
{
"status": "affected",
"version": "15.5(3)M10"
},
{
"status": "affected",
"version": "15.3(3)JA1m"
},
{
"status": "affected",
"version": "15.3(3)JA1"
},
{
"status": "affected",
"version": "15.3(3)JA4"
},
{
"status": "affected",
"version": "15.3(3)JA5"
},
{
"status": "affected",
"version": "15.3(3)JA6"
},
{
"status": "affected",
"version": "15.3(3)JA7"
},
{
"status": "affected",
"version": "15.3(3)JA8"
},
{
"status": "affected",
"version": "15.3(3)JA10"
},
{
"status": "affected",
"version": "15.3(3)JA11"
},
{
"status": "affected",
"version": "15.3(3)JA12"
},
{
"status": "affected",
"version": "15.3(3)JAA"
},
{
"status": "affected",
"version": "15.3(3)JAA11"
},
{
"status": "affected",
"version": "15.3(3)JAA12"
},
{
"status": "affected",
"version": "15.3(3)JAB"
},
{
"status": "affected",
"version": "15.3(3)JB"
},
{
"status": "affected",
"version": "15.5(3)SN"
},
{
"status": "affected",
"version": "15.0(2)SQD"
},
{
"status": "affected",
"version": "15.0(2)SQD1"
},
{
"status": "affected",
"version": "15.0(2)SQD2"
},
{
"status": "affected",
"version": "15.0(2)SQD3"
},
{
"status": "affected",
"version": "15.0(2)SQD4"
},
{
"status": "affected",
"version": "15.0(2)SQD5"
},
{
"status": "affected",
"version": "15.0(2)SQD6"
},
{
"status": "affected",
"version": "15.0(2)SQD7"
},
{
"status": "affected",
"version": "15.0(2)SQD8"
},
{
"status": "affected",
"version": "15.6(1)S"
},
{
"status": "affected",
"version": "15.6(2)S"
},
{
"status": "affected",
"version": "15.6(2)S1"
},
{
"status": "affected",
"version": "15.6(1)S1"
},
{
"status": "affected",
"version": "15.6(1)S2"
},
{
"status": "affected",
"version": "15.6(2)S2"
},
{
"status": "affected",
"version": "15.6(1)S3"
},
{
"status": "affected",
"version": "15.6(2)S3"
},
{
"status": "affected",
"version": "15.6(1)S4"
},
{
"status": "affected",
"version": "15.6(2)S4"
},
{
"status": "affected",
"version": "15.6(1)T"
},
{
"status": "affected",
"version": "15.6(2)T"
},
{
"status": "affected",
"version": "15.6(1)T0a"
},
{
"status": "affected",
"version": "15.6(1)T1"
},
{
"status": "affected",
"version": "15.6(2)T1"
},
{
"status": "affected",
"version": "15.6(1)T2"
},
{
"status": "affected",
"version": "15.6(2)T2"
},
{
"status": "affected",
"version": "15.6(1)T3"
},
{
"status": "affected",
"version": "15.6(2)T3"
},
{
"status": "affected",
"version": "15.3(3)JNB"
},
{
"status": "affected",
"version": "15.3(3)JNB1"
},
{
"status": "affected",
"version": "15.3(3)JNB2"
},
{
"status": "affected",
"version": "15.3(3)JNB3"
},
{
"status": "affected",
"version": "15.3(3)JNB4"
},
{
"status": "affected",
"version": "15.3(3)JNB6"
},
{
"status": "affected",
"version": "15.3(3)JNB5"
},
{
"status": "affected",
"version": "15.3(3)JAX"
},
{
"status": "affected",
"version": "15.3(3)JAX1"
},
{
"status": "affected",
"version": "15.3(3)JAX2"
},
{
"status": "affected",
"version": "15.3(3)JBB"
},
{
"status": "affected",
"version": "15.3(3)JBB1"
},
{
"status": "affected",
"version": "15.3(3)JBB2"
},
{
"status": "affected",
"version": "15.3(3)JBB4"
},
{
"status": "affected",
"version": "15.3(3)JBB5"
},
{
"status": "affected",
"version": "15.3(3)JBB6"
},
{
"status": "affected",
"version": "15.3(3)JBB8"
},
{
"status": "affected",
"version": "15.3(3)JBB6a"
},
{
"status": "affected",
"version": "15.3(3)JC"
},
{
"status": "affected",
"version": "15.3(3)JC1"
},
{
"status": "affected",
"version": "15.3(3)JC2"
},
{
"status": "affected",
"version": "15.3(3)JC3"
},
{
"status": "affected",
"version": "15.3(3)JC4"
},
{
"status": "affected",
"version": "15.3(3)JC5"
},
{
"status": "affected",
"version": "15.3(3)JC6"
},
{
"status": "affected",
"version": "15.3(3)JC8"
},
{
"status": "affected",
"version": "15.3(3)JC9"
},
{
"status": "affected",
"version": "15.3(3)JC14"
},
{
"status": "affected",
"version": "15.3(1)SY"
},
{
"status": "affected",
"version": "15.3(1)SY1"
},
{
"status": "affected",
"version": "15.3(1)SY2"
},
{
"status": "affected",
"version": "15.3(3)JNC"
},
{
"status": "affected",
"version": "15.3(3)JNC1"
},
{
"status": "affected",
"version": "15.3(3)JNC4"
},
{
"status": "affected",
"version": "15.3(3)JNP"
},
{
"status": "affected",
"version": "15.3(3)JNP1"
},
{
"status": "affected",
"version": "15.3(3)JNP3"
},
{
"status": "affected",
"version": "15.6(2)SP"
},
{
"status": "affected",
"version": "15.6(2)SP1"
},
{
"status": "affected",
"version": "15.6(2)SP2"
},
{
"status": "affected",
"version": "15.6(2)SP3"
},
{
"status": "affected",
"version": "15.6(2)SP4"
},
{
"status": "affected",
"version": "15.6(2)SP5"
},
{
"status": "affected",
"version": "15.6(2)SP6"
},
{
"status": "affected",
"version": "15.6(2)SP7"
},
{
"status": "affected",
"version": "15.6(2)SP8"
},
{
"status": "affected",
"version": "15.6(2)SP9"
},
{
"status": "affected",
"version": "15.6(2)SN"
},
{
"status": "affected",
"version": "15.3(3)JPB"
},
{
"status": "affected",
"version": "15.3(3)JPB1"
},
{
"status": "affected",
"version": "15.3(3)JD"
},
{
"status": "affected",
"version": "15.3(3)JD2"
},
{
"status": "affected",
"version": "15.3(3)JD3"
},
{
"status": "affected",
"version": "15.3(3)JD4"
},
{
"status": "affected",
"version": "15.3(3)JD5"
},
{
"status": "affected",
"version": "15.3(3)JD6"
},
{
"status": "affected",
"version": "15.3(3)JD7"
},
{
"status": "affected",
"version": "15.3(3)JD8"
},
{
"status": "affected",
"version": "15.3(3)JD9"
},
{
"status": "affected",
"version": "15.3(3)JD11"
},
{
"status": "affected",
"version": "15.3(3)JD13"
},
{
"status": "affected",
"version": "15.3(3)JD14"
},
{
"status": "affected",
"version": "15.3(3)JD16"
},
{
"status": "affected",
"version": "15.3(3)JD17"
},
{
"status": "affected",
"version": "15.6(3)M"
},
{
"status": "affected",
"version": "15.6(3)M1"
},
{
"status": "affected",
"version": "15.6(3)M0a"
},
{
"status": "affected",
"version": "15.6(3)M1b"
},
{
"status": "affected",
"version": "15.6(3)M2"
},
{
"status": "affected",
"version": "15.6(3)M2a"
},
{
"status": "affected",
"version": "15.6(3)M3"
},
{
"status": "affected",
"version": "15.6(3)M3a"
},
{
"status": "affected",
"version": "15.6(3)M4"
},
{
"status": "affected",
"version": "15.6(3)M5"
},
{
"status": "affected",
"version": "15.6(3)M6"
},
{
"status": "affected",
"version": "15.6(3)M7"
},
{
"status": "affected",
"version": "15.6(3)M6a"
},
{
"status": "affected",
"version": "15.6(3)M6b"
},
{
"status": "affected",
"version": "15.6(3)M8"
},
{
"status": "affected",
"version": "15.6(3)M9"
},
{
"status": "affected",
"version": "15.2(4)EC1"
},
{
"status": "affected",
"version": "15.2(4)EC2"
},
{
"status": "affected",
"version": "15.3(3)JPC"
},
{
"status": "affected",
"version": "15.3(3)JPC1"
},
{
"status": "affected",
"version": "15.3(3)JPC2"
},
{
"status": "affected",
"version": "15.3(3)JPC3"
},
{
"status": "affected",
"version": "15.3(3)JPC5"
},
{
"status": "affected",
"version": "15.3(3)JND"
},
{
"status": "affected",
"version": "15.3(3)JND1"
},
{
"status": "affected",
"version": "15.3(3)JND2"
},
{
"status": "affected",
"version": "15.3(3)JND3"
},
{
"status": "affected",
"version": "15.4(1)SY"
},
{
"status": "affected",
"version": "15.4(1)SY1"
},
{
"status": "affected",
"version": "15.4(1)SY2"
},
{
"status": "affected",
"version": "15.4(1)SY3"
},
{
"status": "affected",
"version": "15.4(1)SY4"
},
{
"status": "affected",
"version": "15.3(3)JE"
},
{
"status": "affected",
"version": "15.3(3)JPD"
},
{
"status": "affected",
"version": "15.3(3)JDA7"
},
{
"status": "affected",
"version": "15.3(3)JDA8"
},
{
"status": "affected",
"version": "15.3(3)JDA9"
},
{
"status": "affected",
"version": "15.3(3)JDA11"
},
{
"status": "affected",
"version": "15.3(3)JDA13"
},
{
"status": "affected",
"version": "15.3(3)JDA14"
},
{
"status": "affected",
"version": "15.3(3)JDA16"
},
{
"status": "affected",
"version": "15.3(3)JDA17"
},
{
"status": "affected",
"version": "15.5(1)SY"
},
{
"status": "affected",
"version": "15.5(1)SY1"
},
{
"status": "affected",
"version": "15.5(1)SY2"
},
{
"status": "affected",
"version": "15.5(1)SY3"
},
{
"status": "affected",
"version": "15.5(1)SY4"
},
{
"status": "affected",
"version": "15.5(1)SY5"
},
{
"status": "affected",
"version": "15.5(1)SY6"
},
{
"status": "affected",
"version": "15.5(1)SY7"
},
{
"status": "affected",
"version": "15.5(1)SY8"
},
{
"status": "affected",
"version": "15.5(1)SY9"
},
{
"status": "affected",
"version": "15.5(1)SY10"
},
{
"status": "affected",
"version": "15.5(1)SY11"
},
{
"status": "affected",
"version": "15.5(1)SY12"
},
{
"status": "affected",
"version": "15.5(1)SY13"
},
{
"status": "affected",
"version": "15.5(1)SY14"
},
{
"status": "affected",
"version": "15.5(1)SY15"
},
{
"status": "affected",
"version": "15.3(3)JF"
},
{
"status": "affected",
"version": "15.3(3)JF1"
},
{
"status": "affected",
"version": "15.3(3)JF2"
},
{
"status": "affected",
"version": "15.3(3)JF4"
},
{
"status": "affected",
"version": "15.3(3)JF5"
},
{
"status": "affected",
"version": "15.3(3)JF6"
},
{
"status": "affected",
"version": "15.3(3)JF7"
},
{
"status": "affected",
"version": "15.3(3)JF8"
},
{
"status": "affected",
"version": "15.3(3)JF9"
},
{
"status": "affected",
"version": "15.3(3)JF10"
},
{
"status": "affected",
"version": "15.3(3)JF11"
},
{
"status": "affected",
"version": "15.3(3)JF12"
},
{
"status": "affected",
"version": "15.3(3)JF12i"
},
{
"status": "affected",
"version": "15.3(3)JF14"
},
{
"status": "affected",
"version": "15.3(3)JF14i"
},
{
"status": "affected",
"version": "15.3(3)JF15"
},
{
"status": "affected",
"version": "15.3(3)JCA7"
},
{
"status": "affected",
"version": "15.3(3)JCA8"
},
{
"status": "affected",
"version": "15.3(3)JCA9"
},
{
"status": "affected",
"version": "15.7(3)M"
},
{
"status": "affected",
"version": "15.7(3)M1"
},
{
"status": "affected",
"version": "15.7(3)M0a"
},
{
"status": "affected",
"version": "15.7(3)M3"
},
{
"status": "affected",
"version": "15.7(3)M2"
},
{
"status": "affected",
"version": "15.7(3)M4"
},
{
"status": "affected",
"version": "15.7(3)M5"
},
{
"status": "affected",
"version": "15.7(3)M4a"
},
{
"status": "affected",
"version": "15.7(3)M4b"
},
{
"status": "affected",
"version": "15.7(3)M6"
},
{
"status": "affected",
"version": "15.7(3)M7"
},
{
"status": "affected",
"version": "15.7(3)M8"
},
{
"status": "affected",
"version": "15.7(3)M9"
},
{
"status": "affected",
"version": "15.3(3)JG"
},
{
"status": "affected",
"version": "15.3(3)JG1"
},
{
"status": "affected",
"version": "15.3(3)JH"
},
{
"status": "affected",
"version": "15.3(3)JH1"
},
{
"status": "affected",
"version": "15.3(3)JI1"
},
{
"status": "affected",
"version": "15.3(3)JI3"
},
{
"status": "affected",
"version": "15.3(3)JI4"
},
{
"status": "affected",
"version": "15.3(3)JI5"
},
{
"status": "affected",
"version": "15.3(3)JI6"
},
{
"status": "affected",
"version": "15.8(3)M"
},
{
"status": "affected",
"version": "15.8(3)M1"
},
{
"status": "affected",
"version": "15.8(3)M0a"
},
{
"status": "affected",
"version": "15.8(3)M0b"
},
{
"status": "affected",
"version": "15.8(3)M2"
},
{
"status": "affected",
"version": "15.8(3)M1a"
},
{
"status": "affected",
"version": "15.8(3)M3"
},
{
"status": "affected",
"version": "15.8(3)M2a"
},
{
"status": "affected",
"version": "15.8(3)M4"
},
{
"status": "affected",
"version": "15.8(3)M3a"
},
{
"status": "affected",
"version": "15.8(3)M3b"
},
{
"status": "affected",
"version": "15.8(3)M5"
},
{
"status": "affected",
"version": "15.8(3)M6"
},
{
"status": "affected",
"version": "15.8(3)M7"
},
{
"status": "affected",
"version": "15.8(3)M8"
},
{
"status": "affected",
"version": "15.8(3)M9"
},
{
"status": "affected",
"version": "15.9(3)M"
},
{
"status": "affected",
"version": "15.9(3)M1"
},
{
"status": "affected",
"version": "15.9(3)M0a"
},
{
"status": "affected",
"version": "15.9(3)M2"
},
{
"status": "affected",
"version": "15.9(3)M3"
},
{
"status": "affected",
"version": "15.9(3)M2a"
},
{
"status": "affected",
"version": "15.9(3)M3a"
},
{
"status": "affected",
"version": "15.9(3)M4"
},
{
"status": "affected",
"version": "15.9(3)M3b"
},
{
"status": "affected",
"version": "15.9(3)M5"
},
{
"status": "affected",
"version": "15.9(3)M4a"
},
{
"status": "affected",
"version": "15.9(3)M6"
},
{
"status": "affected",
"version": "15.9(3)M7"
},
{
"status": "affected",
"version": "15.9(3)M6a"
},
{
"status": "affected",
"version": "15.9(3)M6b"
},
{
"status": "affected",
"version": "15.9(3)M8"
},
{
"status": "affected",
"version": "15.9(3)M7a"
},
{
"status": "affected",
"version": "15.9(3)M9"
},
{
"status": "affected",
"version": "15.9(3)M8b"
},
{
"status": "affected",
"version": "15.9(3)M10"
},
{
"status": "affected",
"version": "15.9(3)M11"
},
{
"status": "affected",
"version": "15.3(3)JK"
},
{
"status": "affected",
"version": "15.3(3)JK1"
},
{
"status": "affected",
"version": "15.3(3)JK2"
},
{
"status": "affected",
"version": "15.3(3)JK3"
},
{
"status": "affected",
"version": "15.3(3)JK2a"
},
{
"status": "affected",
"version": "15.3(3)JK1t"
},
{
"status": "affected",
"version": "15.3(3)JK4"
},
{
"status": "affected",
"version": "15.3(3)JK5"
},
{
"status": "affected",
"version": "15.3(3)JK6"
},
{
"status": "affected",
"version": "15.3(3)JK7"
},
{
"status": "affected",
"version": "15.3(3)JK8"
},
{
"status": "affected",
"version": "15.3(3)JK8a"
},
{
"status": "affected",
"version": "15.3(3)JK8b"
},
{
"status": "affected",
"version": "15.3(3)JK9"
},
{
"status": "affected",
"version": "15.3(3)JK10"
},
{
"status": "affected",
"version": "15.3(3)JK11"
},
{
"status": "affected",
"version": "15.3(3)JJ"
},
{
"status": "affected",
"version": "15.3(3)JJ1"
},
{
"status": "affected",
"version": "15.3(3)JPI1"
},
{
"status": "affected",
"version": "15.3(3)JPI4"
},
{
"status": "affected",
"version": "15.3(3)JPI1t"
},
{
"status": "affected",
"version": "15.3(3)JPI5"
},
{
"status": "affected",
"version": "15.3(3)JPI7"
},
{
"status": "affected",
"version": "15.3(3)JPI6a"
},
{
"status": "affected",
"version": "15.3(3)JPI8a"
},
{
"status": "affected",
"version": "15.3(3)JPI9"
},
{
"status": "affected",
"version": "15.3(3)JPI10"
},
{
"status": "affected",
"version": "15.3(3)JPJ2"
},
{
"status": "affected",
"version": "15.3(3)JPJ3"
},
{
"status": "affected",
"version": "15.3(3)JPJ2t"
},
{
"status": "affected",
"version": "15.3(3)JPJ3a"
},
{
"status": "affected",
"version": "15.3(3)JPJ4"
},
{
"status": "affected",
"version": "15.3(3)JPJ5"
},
{
"status": "affected",
"version": "15.3(3)JPJ6"
},
{
"status": "affected",
"version": "15.3(3)JPJ7"
},
{
"status": "affected",
"version": "15.3(3)JPJ7c"
},
{
"status": "affected",
"version": "15.3(3)JPJ8a"
},
{
"status": "affected",
"version": "15.3(3)JPJ9"
},
{
"status": "affected",
"version": "15.3(3)JPJ10"
},
{
"status": "affected",
"version": "15.3(3)JPJ11"
},
{
"status": "affected",
"version": "15.3(3)JPK"
},
{
"status": "affected",
"version": "15.3(3)JPK1"
},
{
"status": "affected",
"version": "15.3(3)JPK2"
},
{
"status": "affected",
"version": "15.3(3)JPK3"
},
{
"status": "affected",
"version": "15.3(3)JPK4"
},
{
"status": "affected",
"version": "15.3(3)JPK5"
},
{
"status": "affected",
"version": "15.3(3)JPK6"
},
{
"status": "affected",
"version": "15.3(3)JPK7"
},
{
"status": "affected",
"version": "15.3(3)JPK8"
},
{
"status": "affected",
"version": "15.3(3)JPK9"
},
{
"status": "affected",
"version": "15.3(3)JPL"
},
{
"status": "affected",
"version": "15.3(3)JPM"
},
{
"status": "affected",
"version": "15.3(3)JPN"
},
{
"status": "affected",
"version": "15.3(3)JPN1"
},
{
"status": "affected",
"version": "15.3(3)JPN2"
},
{
"status": "affected",
"version": "15.3(3)JPN3"
},
{
"status": "affected",
"version": "15.3(3)JPN4"
},
{
"status": "affected",
"version": "15.3(3)JPN5"
},
{
"status": "affected",
"version": "15.3(3)JPN6"
},
{
"status": "affected",
"version": "15.3(3)JPO"
},
{
"status": "affected",
"version": "15.3(3)JPP"
},
{
"status": "affected",
"version": "15.3(3)JPQ"
},
{
"status": "affected",
"version": "15.3(3)JPQ1"
},
{
"status": "affected",
"version": "15.3(3)JPQ2"
},
{
"status": "affected",
"version": "15.3(3)JPQ3"
},
{
"status": "affected",
"version": "15.3(3)JPQ4"
},
{
"status": "affected",
"version": "15.3(3)JPQ5"
},
{
"status": "affected",
"version": "15.3(3)JPR"
},
{
"status": "affected",
"version": "15.3(3)JPS"
},
{
"status": "affected",
"version": "15.3(3)JPT"
},
{
"status": "affected",
"version": "15.3(3)JPT1"
},
{
"status": "affected",
"version": "15.3(3)JPT2"
}
]
},
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.5.0E"
},
{
"status": "affected",
"version": "3.5.1E"
},
{
"status": "affected",
"version": "3.5.2E"
},
{
"status": "affected",
"version": "3.5.3E"
},
{
"status": "affected",
"version": "3.6.0E"
},
{
"status": "affected",
"version": "3.6.1E"
},
{
"status": "affected",
"version": "3.6.2aE"
},
{
"status": "affected",
"version": "3.6.2E"
},
{
"status": "affected",
"version": "3.6.3E"
},
{
"status": "affected",
"version": "3.6.4E"
},
{
"status": "affected",
"version": "3.6.5E"
},
{
"status": "affected",
"version": "3.6.6E"
},
{
"status": "affected",
"version": "3.6.5aE"
},
{
"status": "affected",
"version": "3.6.7E"
},
{
"status": "affected",
"version": "3.6.8E"
},
{
"status": "affected",
"version": "3.6.7bE"
},
{
"status": "affected",
"version": "3.6.9E"
},
{
"status": "affected",
"version": "3.6.10E"
},
{
"status": "affected",
"version": "3.14.0S"
},
{
"status": "affected",
"version": "3.14.1S"
},
{
"status": "affected",
"version": "3.14.2S"
},
{
"status": "affected",
"version": "3.14.3S"
},
{
"status": "affected",
"version": "3.14.4S"
},
{
"status": "affected",
"version": "3.15.0S"
},
{
"status": "affected",
"version": "3.15.1S"
},
{
"status": "affected",
"version": "3.15.2S"
},
{
"status": "affected",
"version": "3.15.1cS"
},
{
"status": "affected",
"version": "3.15.3S"
},
{
"status": "affected",
"version": "3.15.4S"
},
{
"status": "affected",
"version": "3.7.0E"
},
{
"status": "affected",
"version": "3.7.1E"
},
{
"status": "affected",
"version": "3.7.2E"
},
{
"status": "affected",
"version": "3.7.3E"
},
{
"status": "affected",
"version": "3.7.4E"
},
{
"status": "affected",
"version": "3.7.5E"
},
{
"status": "affected",
"version": "3.5.0SQ"
},
{
"status": "affected",
"version": "3.5.1SQ"
},
{
"status": "affected",
"version": "3.5.2SQ"
},
{
"status": "affected",
"version": "3.5.3SQ"
},
{
"status": "affected",
"version": "3.5.4SQ"
},
{
"status": "affected",
"version": "3.5.5SQ"
},
{
"status": "affected",
"version": "3.5.6SQ"
},
{
"status": "affected",
"version": "3.5.7SQ"
},
{
"status": "affected",
"version": "3.5.8SQ"
},
{
"status": "affected",
"version": "3.16.0S"
},
{
"status": "affected",
"version": "3.16.1S"
},
{
"status": "affected",
"version": "3.16.1aS"
},
{
"status": "affected",
"version": "3.16.2S"
},
{
"status": "affected",
"version": "3.16.2aS"
},
{
"status": "affected",
"version": "3.16.0cS"
},
{
"status": "affected",
"version": "3.16.3S"
},
{
"status": "affected",
"version": "3.16.2bS"
},
{
"status": "affected",
"version": "3.16.3aS"
},
{
"status": "affected",
"version": "3.16.4S"
},
{
"status": "affected",
"version": "3.16.4aS"
},
{
"status": "affected",
"version": "3.16.4bS"
},
{
"status": "affected",
"version": "3.16.5S"
},
{
"status": "affected",
"version": "3.16.4dS"
},
{
"status": "affected",
"version": "3.16.6S"
},
{
"status": "affected",
"version": "3.16.7S"
},
{
"status": "affected",
"version": "3.16.6bS"
},
{
"status": "affected",
"version": "3.16.7aS"
},
{
"status": "affected",
"version": "3.16.7bS"
},
{
"status": "affected",
"version": "3.16.8S"
},
{
"status": "affected",
"version": "3.16.9S"
},
{
"status": "affected",
"version": "3.16.10S"
},
{
"status": "affected",
"version": "3.17.0S"
},
{
"status": "affected",
"version": "3.17.1S"
},
{
"status": "affected",
"version": "3.17.2S"
},
{
"status": "affected",
"version": "3.17.1aS"
},
{
"status": "affected",
"version": "3.17.3S"
},
{
"status": "affected",
"version": "3.17.4S"
},
{
"status": "affected",
"version": "3.8.0E"
},
{
"status": "affected",
"version": "3.8.1E"
},
{
"status": "affected",
"version": "3.8.2E"
},
{
"status": "affected",
"version": "3.8.3E"
},
{
"status": "affected",
"version": "3.8.4E"
},
{
"status": "affected",
"version": "3.8.5E"
},
{
"status": "affected",
"version": "3.8.5aE"
},
{
"status": "affected",
"version": "3.8.6E"
},
{
"status": "affected",
"version": "3.8.7E"
},
{
"status": "affected",
"version": "3.8.8E"
},
{
"status": "affected",
"version": "3.8.9E"
},
{
"status": "affected",
"version": "3.8.10E"
},
{
"status": "affected",
"version": "3.18.0aS"
},
{
"status": "affected",
"version": "3.18.0S"
},
{
"status": "affected",
"version": "3.18.1S"
},
{
"status": "affected",
"version": "3.18.2S"
},
{
"status": "affected",
"version": "3.18.3S"
},
{
"status": "affected",
"version": "3.18.4S"
},
{
"status": "affected",
"version": "3.18.0SP"
},
{
"status": "affected",
"version": "3.18.1SP"
},
{
"status": "affected",
"version": "3.18.1aSP"
},
{
"status": "affected",
"version": "3.18.1bSP"
},
{
"status": "affected",
"version": "3.18.1cSP"
},
{
"status": "affected",
"version": "3.18.2SP"
},
{
"status": "affected",
"version": "3.18.2aSP"
},
{
"status": "affected",
"version": "3.18.3SP"
},
{
"status": "affected",
"version": "3.18.4SP"
},
{
"status": "affected",
"version": "3.18.3aSP"
},
{
"status": "affected",
"version": "3.18.3bSP"
},
{
"status": "affected",
"version": "3.18.5SP"
},
{
"status": "affected",
"version": "3.18.6SP"
},
{
"status": "affected",
"version": "3.18.7SP"
},
{
"status": "affected",
"version": "3.18.8aSP"
},
{
"status": "affected",
"version": "3.18.9SP"
},
{
"status": "affected",
"version": "3.9.0E"
},
{
"status": "affected",
"version": "3.9.1E"
},
{
"status": "affected",
"version": "3.9.2E"
},
{
"status": "affected",
"version": "16.6.1"
},
{
"status": "affected",
"version": "16.6.2"
},
{
"status": "affected",
"version": "16.6.3"
},
{
"status": "affected",
"version": "16.6.4"
},
{
"status": "affected",
"version": "16.6.5"
},
{
"status": "affected",
"version": "16.6.4a"
},
{
"status": "affected",
"version": "16.6.5a"
},
{
"status": "affected",
"version": "16.6.6"
},
{
"status": "affected",
"version": "16.6.7"
},
{
"status": "affected",
"version": "16.6.8"
},
{
"status": "affected",
"version": "16.6.9"
},
{
"status": "affected",
"version": "16.6.10"
},
{
"status": "affected",
"version": "16.7.1"
},
{
"status": "affected",
"version": "16.7.1a"
},
{
"status": "affected",
"version": "16.7.1b"
},
{
"status": "affected",
"version": "16.7.2"
},
{
"status": "affected",
"version": "16.7.3"
},
{
"status": "affected",
"version": "16.7.4"
},
{
"status": "affected",
"version": "16.8.1"
},
{
"status": "affected",
"version": "16.8.1a"
},
{
"status": "affected",
"version": "16.8.1b"
},
{
"status": "affected",
"version": "16.8.1s"
},
{
"status": "affected",
"version": "16.8.1c"
},
{
"status": "affected",
"version": "16.8.1d"
},
{
"status": "affected",
"version": "16.8.2"
},
{
"status": "affected",
"version": "16.8.1e"
},
{
"status": "affected",
"version": "16.8.3"
},
{
"status": "affected",
"version": "16.9.1"
},
{
"status": "affected",
"version": "16.9.2"
},
{
"status": "affected",
"version": "16.9.1a"
},
{
"status": "affected",
"version": "16.9.1b"
},
{
"status": "affected",
"version": "16.9.1s"
},
{
"status": "affected",
"version": "16.9.3"
},
{
"status": "affected",
"version": "16.9.4"
},
{
"status": "affected",
"version": "16.9.3a"
},
{
"status": "affected",
"version": "16.9.5"
},
{
"status": "affected",
"version": "16.9.5f"
},
{
"status": "affected",
"version": "16.9.6"
},
{
"status": "affected",
"version": "16.9.7"
},
{
"status": "affected",
"version": "16.9.8"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "16.10.1a"
},
{
"status": "affected",
"version": "16.10.1b"
},
{
"status": "affected",
"version": "16.10.1s"
},
{
"status": "affected",
"version": "16.10.1c"
},
{
"status": "affected",
"version": "16.10.1e"
},
{
"status": "affected",
"version": "16.10.1d"
},
{
"status": "affected",
"version": "16.10.2"
},
{
"status": "affected",
"version": "16.10.1f"
},
{
"status": "affected",
"version": "16.10.1g"
},
{
"status": "affected",
"version": "16.10.3"
},
{
"status": "affected",
"version": "3.10.0E"
},
{
"status": "affected",
"version": "3.10.1E"
},
{
"status": "affected",
"version": "3.10.0cE"
},
{
"status": "affected",
"version": "3.10.2E"
},
{
"status": "affected",
"version": "3.10.3E"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.11.2"
},
{
"status": "affected",
"version": "16.11.1s"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.12.1s"
},
{
"status": "affected",
"version": "16.12.1a"
},
{
"status": "affected",
"version": "16.12.1c"
},
{
"status": "affected",
"version": "16.12.1w"
},
{
"status": "affected",
"version": "16.12.2"
},
{
"status": "affected",
"version": "16.12.1y"
},
{
"status": "affected",
"version": "16.12.2a"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "16.12.2s"
},
{
"status": "affected",
"version": "16.12.1x"
},
{
"status": "affected",
"version": "16.12.1t"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.12.3s"
},
{
"status": "affected",
"version": "16.12.3a"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "16.12.1z1"
},
{
"status": "affected",
"version": "16.12.5a"
},
{
"status": "affected",
"version": "16.12.5b"
},
{
"status": "affected",
"version": "16.12.1z2"
},
{
"status": "affected",
"version": "16.12.6a"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "16.12.9"
},
{
"status": "affected",
"version": "16.12.10"
},
{
"status": "affected",
"version": "16.12.10a"
},
{
"status": "affected",
"version": "16.12.11"
},
{
"status": "affected",
"version": "16.12.12"
},
{
"status": "affected",
"version": "16.12.13"
},
{
"status": "affected",
"version": "3.11.0E"
},
{
"status": "affected",
"version": "3.11.1E"
},
{
"status": "affected",
"version": "3.11.2E"
},
{
"status": "affected",
"version": "3.11.3E"
},
{
"status": "affected",
"version": "3.11.1aE"
},
{
"status": "affected",
"version": "3.11.4E"
},
{
"status": "affected",
"version": "3.11.3aE"
},
{
"status": "affected",
"version": "3.11.5E"
},
{
"status": "affected",
"version": "3.11.6E"
},
{
"status": "affected",
"version": "3.11.7E"
},
{
"status": "affected",
"version": "3.11.8E"
},
{
"status": "affected",
"version": "3.11.9E"
},
{
"status": "affected",
"version": "3.11.10E"
},
{
"status": "affected",
"version": "3.11.11E"
},
{
"status": "affected",
"version": "3.11.12E"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "17.1.1a"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.3"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1r"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.2.1v"
},
{
"status": "affected",
"version": "17.2.2"
},
{
"status": "affected",
"version": "17.2.3"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.1a"
},
{
"status": "affected",
"version": "17.3.1w"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.1x"
},
{
"status": "affected",
"version": "17.3.1z"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.4a"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.3.4b"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.3.8"
},
{
"status": "affected",
"version": "17.3.8a"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.4.1a"
},
{
"status": "affected",
"version": "17.4.1b"
},
{
"status": "affected",
"version": "17.4.2a"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.1w"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "17.6.1x"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.1y"
},
{
"status": "affected",
"version": "17.6.1z"
},
{
"status": "affected",
"version": "17.6.3a"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.1z1"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.6.6a"
},
{
"status": "affected",
"version": "17.6.5a"
},
{
"status": "affected",
"version": "17.6.7"
},
{
"status": "affected",
"version": "17.6.8"
},
{
"status": "affected",
"version": "17.6.8a"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "17.7.1b"
},
{
"status": "affected",
"version": "17.7.2"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.10.1b"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.1w"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.9.1x"
},
{
"status": "affected",
"version": "17.9.1y"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.9.1x1"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.1y1"
},
{
"status": "affected",
"version": "17.9.5"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.9.5a"
},
{
"status": "affected",
"version": "17.9.5b"
},
{
"status": "affected",
"version": "17.9.6"
},
{
"status": "affected",
"version": "17.9.6a"
},
{
"status": "affected",
"version": "17.9.7"
},
{
"status": "affected",
"version": "17.9.5e"
},
{
"status": "affected",
"version": "17.9.5f"
},
{
"status": "affected",
"version": "17.9.7a"
},
{
"status": "affected",
"version": "17.9.7b"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.12.1"
},
{
"status": "affected",
"version": "17.12.1w"
},
{
"status": "affected",
"version": "17.12.1a"
},
{
"status": "affected",
"version": "17.12.1x"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.12.3"
},
{
"status": "affected",
"version": "17.12.2a"
},
{
"status": "affected",
"version": "17.12.1y"
},
{
"status": "affected",
"version": "17.12.1z"
},
{
"status": "affected",
"version": "17.12.4"
},
{
"status": "affected",
"version": "17.12.3a"
},
{
"status": "affected",
"version": "17.12.1z1"
},
{
"status": "affected",
"version": "17.12.1z2"
},
{
"status": "affected",
"version": "17.12.4a"
},
{
"status": "affected",
"version": "17.12.5"
},
{
"status": "affected",
"version": "17.12.4b"
},
{
"status": "affected",
"version": "17.12.1z3"
},
{
"status": "affected",
"version": "17.12.5a"
},
{
"status": "affected",
"version": "17.12.1z4"
},
{
"status": "affected",
"version": "17.12.5b"
},
{
"status": "affected",
"version": "17.12.5c"
},
{
"status": "affected",
"version": "17.13.1"
},
{
"status": "affected",
"version": "17.13.1a"
},
{
"status": "affected",
"version": "17.14.1"
},
{
"status": "affected",
"version": "17.14.1a"
},
{
"status": "affected",
"version": "17.15.1"
},
{
"status": "affected",
"version": "17.15.1w"
},
{
"status": "affected",
"version": "17.15.1a"
},
{
"status": "affected",
"version": "17.15.2"
},
{
"status": "affected",
"version": "17.15.1b"
},
{
"status": "affected",
"version": "17.15.1x"
},
{
"status": "affected",
"version": "17.15.1z"
},
{
"status": "affected",
"version": "17.15.3"
},
{
"status": "affected",
"version": "17.15.2c"
},
{
"status": "affected",
"version": "17.15.2a"
},
{
"status": "affected",
"version": "17.15.1y"
},
{
"status": "affected",
"version": "17.15.2b"
},
{
"status": "affected",
"version": "17.15.3a"
},
{
"status": "affected",
"version": "17.15.4"
},
{
"status": "affected",
"version": "17.15.3b"
},
{
"status": "affected",
"version": "17.16.1"
},
{
"status": "affected",
"version": "17.16.1a"
},
{
"status": "affected",
"version": "17.17.1"
},
{
"status": "affected",
"version": "17.18.1"
}
]
},
{
"product": "Cisco IOS XE Catalyst SD-WAN",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.9.1"
},
{
"status": "affected",
"version": "16.9.2"
},
{
"status": "affected",
"version": "16.9.3"
},
{
"status": "affected",
"version": "16.9.4"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "16.10.2"
},
{
"status": "affected",
"version": "16.10.3"
},
{
"status": "affected",
"version": "16.10.3a"
},
{
"status": "affected",
"version": "16.10.3b"
},
{
"status": "affected",
"version": "16.10.4"
},
{
"status": "affected",
"version": "16.10.5"
},
{
"status": "affected",
"version": "16.10.6"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.12.1b"
},
{
"status": "affected",
"version": "16.12.1d"
},
{
"status": "affected",
"version": "16.12.1e"
},
{
"status": "affected",
"version": "16.12.2r"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "16.12.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:\r\n\r \r An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. \r An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. \r \r An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. \r\n\r This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.\r\n\r Note: This vulnerability affects all versions of SNMP."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised. Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T16:18:05.082Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-snmp-x4LPhte",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte"
}
],
"source": {
"advisory": "cisco-sa-snmp-x4LPhte",
"defects": [
"CSCwq31287"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20352",
"datePublished": "2025-09-24T17:10:42.891Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-09-30T16:18:05.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3375 (GCVE-0-2020-3375)
Vulnerability from cvelistv5
Published
2020-07-31 00:00
Modified
2024-11-13 18:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdbufof-h5f5VSeL | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vManage |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200729 Cisco SD-WAN Solution Software Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdbufof-h5f5VSeL"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:10:49.169910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:17:15.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vManage",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-31T00:00:54",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200729 Cisco SD-WAN Solution Software Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdbufof-h5f5VSeL"
}
],
"source": {
"advisory": "cisco-sa-sdbufof-h5f5VSeL",
"defect": [
[
"CSCvt11538"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Solution Software Buffer Overflow Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-29T16:00:00",
"ID": "CVE-2020-3375",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Solution Software Buffer Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200729 Cisco SD-WAN Solution Software Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdbufof-h5f5VSeL"
}
]
},
"source": {
"advisory": "cisco-sa-sdbufof-h5f5VSeL",
"defect": [
[
"CSCvt11538"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3375",
"datePublished": "2020-07-31T00:00:54.582569Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:17:15.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34727 (GCVE-0-2021-34727)
Vulnerability from cvelistv5
Published
2021-09-23 02:26
Modified
2024-11-07 21:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE SD-WAN Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34727",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:55:54.920129Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:58:32.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE SD-WAN Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:26:30",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
}
],
"source": {
"advisory": "cisco-sa-iosxesdwan-rbuffover-vE2OB6tp",
"defect": [
[
"CSCvt49022"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-34727",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE SD-WAN Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
}
]
},
"source": {
"advisory": "cisco-sa-iosxesdwan-rbuffover-vE2OB6tp",
"defect": [
[
"CSCvt49022"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34727",
"datePublished": "2021-09-23T02:26:30.919249Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:58:32.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20850 (GCVE-0-2022-20850)
Vulnerability from cvelistv5
Published
2022-09-30 18:46
Modified
2024-11-01 18:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:50.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:40:31.320155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T18:50:42.028Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-30T18:46:05",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
}
],
"source": {
"advisory": "cisco-sa-arb-file-delete-VB2rVcQv",
"defect": [
[
"CSCvm25943"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Arbitrary File Deletion Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-09-28T16:00:00",
"ID": "CVE-2022-20850",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Arbitrary File Deletion Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
}
]
},
"source": {
"advisory": "cisco-sa-arb-file-delete-VB2rVcQv",
"defect": [
[
"CSCvm25943"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20850",
"datePublished": "2022-09-30T18:46:05.246074Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-01T18:50:42.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1432 (GCVE-0-2021-1432)
Vulnerability from cvelistv5
Published
2021-03-24 20:05
Modified
2024-11-08 23:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:20:38.778001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:36:27.759Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-24T20:05:21",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3"
}
],
"source": {
"advisory": "cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3",
"defect": [
[
"CSCvu50633"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1432",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.3",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3"
}
]
},
"source": {
"advisory": "cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3",
"defect": [
[
"CSCvu50633"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1432",
"datePublished": "2021-03-24T20:05:22.021542Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:36:27.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20151 (GCVE-0-2025-20151)
Vulnerability from cvelistv5
Published
2025-05-07 17:18
Modified
2025-05-07 19:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-16 - Configuration
Summary
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration.
This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied.
Note: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials.
For more information, see the section of this advisory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Catalyst SD-WAN |
Version: 16.10.6 Version: 16.12.3 Version: 16.12.1 Version: 16.12.1a Version: 16.12.4a Version: 16.12.2r Version: 16.12.1c Version: 16.10.4 Version: 16.12.1b1 Version: 16.10.5 Version: 16.12.4 Version: 16.10.3 Version: 16.10.3a Version: 16.12.1b Version: 16.10.3b Version: 16.12.1d Version: 16.11.1s Version: 16.9.1 Version: 16.11.1a Version: 16.11.1d Version: 16.9.2 Version: 16.10.1 Version: 16.11.1f Version: 16.9.4 Version: 16.9.3 Version: 16.10.2 Version: 16.12.1e Version: 16.11.1b Version: 16.11.1 Version: 16.12.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T18:56:21.184209Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T19:46:24.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XE Catalyst SD-WAN",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.10.6"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.12.1a"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "16.12.2r"
},
{
"status": "affected",
"version": "16.12.1c"
},
{
"status": "affected",
"version": "16.10.4"
},
{
"status": "affected",
"version": "16.12.1b1"
},
{
"status": "affected",
"version": "16.10.5"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.10.3"
},
{
"status": "affected",
"version": "16.10.3a"
},
{
"status": "affected",
"version": "16.12.1b"
},
{
"status": "affected",
"version": "16.10.3b"
},
{
"status": "affected",
"version": "16.12.1d"
},
{
"status": "affected",
"version": "16.11.1s"
},
{
"status": "affected",
"version": "16.9.1"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.11.1d"
},
{
"status": "affected",
"version": "16.9.2"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "16.11.1f"
},
{
"status": "affected",
"version": "16.9.4"
},
{
"status": "affected",
"version": "16.9.3"
},
{
"status": "affected",
"version": "16.10.2"
},
{
"status": "affected",
"version": "16.12.1e"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.12.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration.\r\n\r\nThis vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied.\r\nNote: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials.\r\nFor more information, see the section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-16",
"description": "Configuration",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:18:44.414Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-snmpv3-qKEYvzsy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy"
}
],
"source": {
"advisory": "cisco-sa-snmpv3-qKEYvzsy",
"defects": [
"CSCwi84832"
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20151",
"datePublished": "2025-05-07T17:18:44.414Z",
"dateReserved": "2024-10-10T19:15:13.216Z",
"dateUpdated": "2025-05-07T19:46:24.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1301 (GCVE-0-2021-1301)
Vulnerability from cvelistv5
Published
2021-01-20 19:55
Modified
2024-11-12 20:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1301",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T19:57:06.857061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:27:38.208Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T19:55:40",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Buffer Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
}
],
"source": {
"advisory": "cisco-sa-sdwan-bufovulns-B5NrSHbj",
"defect": [
[
"CSCvi69895",
"CSCvt11525"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Buffer Overflow Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1301",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Buffer Overflow Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco SD-WAN Buffer Overflow Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-bufovulns-B5NrSHbj",
"defect": [
[
"CSCvi69895",
"CSCvt11525"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1301",
"datePublished": "2021-01-20T19:55:40.540418Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:27:38.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1454 (GCVE-0-2021-1454)
Vulnerability from cvelistv5
Published
2021-03-24 20:06
Modified
2024-11-08 23:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:19:47.157767Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:34:12.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-24T20:06:45",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
}
],
"source": {
"advisory": "cisco-sa-xesdwpinj-V4weeqzU",
"defect": [
[
"CSCvk59304",
"CSCvw64834"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1454",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.0",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
}
]
},
"source": {
"advisory": "cisco-sa-xesdwpinj-V4weeqzU",
"defect": [
[
"CSCvk59304",
"CSCvw64834"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1454",
"datePublished": "2021-03-24T20:06:45.916374Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:34:12.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1371 (GCVE-0-2021-1371)
Vulnerability from cvelistv5
Published
2021-03-24 20:15
Modified
2024-11-08 23:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:19:29.781002Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:31:47.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-24T20:15:51",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
}
],
"source": {
"advisory": "cisco-sa-sdwan-esc-rSNVvTf9",
"defect": [
[
"CSCvv43400"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1371",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.6",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-esc-rSNVvTf9",
"defect": [
[
"CSCvv43400"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1371",
"datePublished": "2021-03-24T20:15:51.816980Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:31:47.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1279 (GCVE-0-2021-1279)
Vulnerability from cvelistv5
Published
2021-01-20 19:56
Modified
2024-11-12 20:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:06:05.270168Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:25:21.910Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN Solution",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T19:56:23",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN Denial of Service Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1279",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN Denial of Service Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN Solution",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco SD-WAN Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
]
},
"source": {
"advisory": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"defect": [
[
"CSCvq20708",
"CSCvt11522",
"CSCvt11523",
"CSCvt11530",
"CSCvu28409",
"CSCvu31763"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1279",
"datePublished": "2021-01-20T19:56:23.484524Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:25:21.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20035 (GCVE-0-2023-20035)
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-28 16:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230322 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20035",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:19:23.522101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:32:57.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-146",
"description": "CWE-146",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-23T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230322 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw"
}
],
"source": {
"advisory": "cisco-sa-ios-xe-sdwan-VQAhEjYw",
"defect": [
[
"CSCvx72976",
"CSCwc41942"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20035",
"datePublished": "2023-03-23T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-28T16:32:57.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-07-31 00:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | sd-wan | * | |
| cisco | sd-wan | * | |
| cisco | sd-wan | * | |
| cisco | sd-wan | * | |
| cisco | ios_xe_sd-wan | * | |
| cisco | ios_xe_sd-wan | * | |
| cisco | ios_xe_sd-wan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30119125-8E6B-4E21-ABD0-AE4023AC91A9",
"versionEndIncluding": "18.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC62B7F1-C94F-4943-AF83-2DB6D7B1C710",
"versionEndExcluding": "18.4.5",
"versionStartIncluding": "18.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C11C806-7F69-49D3-A3F5-D6B2AA809D22",
"versionEndExcluding": "19.2.2",
"versionStartIncluding": "19.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD701074-76E0-477B-B0FF-085BC1DC69D6",
"versionEndExcluding": "20.1.1",
"versionStartIncluding": "19.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FABA82FB-C442-4CBC-BCE5-0AA465EFCBB1",
"versionEndIncluding": "16.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D0BCAA-C60C-47C8-92C7-991DE4E636E3",
"versionEndIncluding": "16.12.4",
"versionStartIncluding": "16.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1297BA8-9502-4D6E-8508-2396D7963887",
"versionEndIncluding": "17.2.1",
"versionStartIncluding": "17.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco SD-WAN Solution Software podr\u00eda permitir a un atacante remoto no autenticado causar un desbordamiento del b\u00fafer sobre un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante obtener acceso a informaci\u00f3n a la que no est\u00e1 autorizado a acceder, realizar cambios en el sistema que no est\u00e1 autorizado para hacer y ejecutar comandos sobre un sistema afectado con privilegios del usuario root"
}
],
"id": "CVE-2020-3375",
"lastModified": "2024-11-21T05:30:54.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-31T00:15:12.850",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdbufof-h5f5VSeL"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdbufof-h5f5VSeL"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-03 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | 16.9.0 | |
| cisco | ios_xe_sd-wan | 16.9.1 | |
| cisco | ios_xe_sd-wan | 16.9.2 | |
| cisco | ios_xe_sd-wan | 16.9.3 | |
| cisco | ios_xe_sd-wan | 16.9.4 | |
| cisco | ios_xe_sd-wan | 16.10.0 | |
| cisco | ios_xe_sd-wan | 16.10.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2974ECE7-FA2D-499D-987C-C8774AE97B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A45A569-C122-4474-BE14-AF7BA71736BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC516F4-F6DD-460D-BBC4-DD32CC0F1180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD04C1FB-F8F8-486A-9E2F-EB01856B1C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "156D51A0-506C-47FD-BF45-955C1B881976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE6B892-71B8-41DB-BA16-0502DB8C6A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23468BBF-F5AB-4924-A084-F065BB02BF22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco IOS XE SD-WAN Software, podr\u00eda permitir a un atacante f\u00edsico no autenticado omitir la autenticaci\u00f3n y conseguir acceso sin restricciones al shell root de un dispositivo afectado. La vulnerabilidad se presenta porque el software afectado presenta mecanismos de autenticaci\u00f3n insuficientes para determinados comandos. Un atacante podr\u00eda explotar esta vulnerabilidad al detener la inicializaci\u00f3n de arranque de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir la autenticaci\u00f3n y conseguir acceso sin restricciones al shell root del dispositivo afectado."
}
],
"id": "CVE-2020-3216",
"lastModified": "2024-11-21T05:30:34.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-03T18:15:19.650",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-auth-b-NzwhJHH7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-auth-b-NzwhJHH7"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 20:15
Modified
2024-11-21 05:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | - | |
| cisco | sd-wan_firmware | 18.3.5 | |
| cisco | sd-wan_firmware | 18.3.8 | |
| cisco | sd-wan_firmware | 18.4.1 | |
| cisco | sd-wan_firmware | 18.4.4 | |
| cisco | sd-wan_firmware | 18.4.5 | |
| cisco | sd-wan_firmware | 19.2.0 | |
| cisco | sd-wan_firmware | 19.2.1 | |
| cisco | sd-wan_firmware | 19.2.2 | |
| cisco | sd-wan_firmware | 19.2.99 | |
| cisco | sd-wan_firmware | 20.1.0 | |
| cisco | sd-wan_vsmart_controller_firmware | * | |
| cisco | vedge_100_router | - | |
| cisco | vedge_1000_router | - | |
| cisco | vedge_100b_router | - | |
| cisco | vedge_100m_router | - | |
| cisco | vedge_100wm_router | - | |
| cisco | vedge_2000_router | - | |
| cisco | vedge_5000_router | - | |
| cisco | vedge_cloud_router | - | |
| cisco | catalyst_sd-wan_manager | - | |
| cisco | sd-wan_vbond_orchestrator | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30EE0731-351C-4889-8335-3E7E7955A385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBD6FD9-84EE-416C-B77D-843D2FAAF1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0015FD1E-1BCD-40AB-8C21-264AB9F6E123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C9F1DA-0527-4442-B0B4-4467960D30C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0717AEB4-93B0-47F5-9F1B-153A519AD2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0065B109-5020-48AE-B10F-3452444748C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C535AB3-DCCE-4CFB-8479-08550552E863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C2CBB8-7296-4549-B98C-D39FA1D35E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B74606C6-B292-4D23-8652-5CF49BDD8369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los productos Cisco SD-WAN, podr\u00edan permitir a un atacante no autenticado remoto ejecutar ataques de denegaci\u00f3n de servicio (DoS) contra un dispositivo afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1279",
"lastModified": "2024-11-21T05:43:59.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T20:15:16.253",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AD971B-2DB8-416D-B895-B1D0867C8F55",
"versionEndIncluding": "17.3.1a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:422_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03A273EE-41C1-41E9-9002-46F83FC6533F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B7C13F-46C5-460A-A6C9-3837A28A0CE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series_route_processor_\\(rp2\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "C02F9303-F9DF-4166-AB4B-8C26B9FAD109",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series_route_processor_\\(rp3\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "372CB4D6-BB22-4521-9C18-C0A663717168",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco IOS XE SD-WAN Software podr\u00eda permitir a un atacante local autenticado elevar los privilegios y ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario root. Un atacante debe estar autenticado en un dispositivo afectado como usuario PRIV15. Esta vulnerabilidad es debido a una protecci\u00f3n insuficiente del sistema de archivos y a la presencia de un archivo confidencial en el directorio bootflash de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad al sobrescribir un archivo de instalaci\u00f3n almacenado en el directorio bootflash con comandos arbitrarios que pueden ser ejecutados con privilegios de nivel root. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer y escribir cambios en la base de datos de configuraci\u00f3n del dispositivo afectado"
}
],
"id": "CVE-2021-34724",
"lastModified": "2024-11-21T06:11:03.303",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:18.813",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 21:15
Modified
2024-11-21 05:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | - | |
| cisco | sd-wan_firmware | 18.3.5 | |
| cisco | sd-wan_firmware | 18.3.8 | |
| cisco | sd-wan_firmware | 18.4.1 | |
| cisco | sd-wan_firmware | 18.4.4 | |
| cisco | sd-wan_firmware | 18.4.5 | |
| cisco | sd-wan_firmware | 19.2.0 | |
| cisco | sd-wan_firmware | 19.2.1 | |
| cisco | sd-wan_firmware | 19.2.2 | |
| cisco | sd-wan_firmware | 19.2.99 | |
| cisco | sd-wan_firmware | 20.1.0 | |
| cisco | sd-wan_vsmart_controller_firmware | * | |
| cisco | vedge_100_router | - | |
| cisco | vedge_1000_router | - | |
| cisco | vedge_100b_router | - | |
| cisco | vedge_100m_router | - | |
| cisco | vedge_100wm_router | - | |
| cisco | vedge_2000_router | - | |
| cisco | vedge_5000_router | - | |
| cisco | vedge_cloud_router | - | |
| cisco | catalyst_sd-wan_manager | - | |
| cisco | sd-wan_vbond_orchestrator | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30EE0731-351C-4889-8335-3E7E7955A385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBD6FD9-84EE-416C-B77D-843D2FAAF1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0015FD1E-1BCD-40AB-8C21-264AB9F6E123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C9F1DA-0527-4442-B0B4-4467960D30C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0717AEB4-93B0-47F5-9F1B-153A519AD2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0065B109-5020-48AE-B10F-3452444748C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C535AB3-DCCE-4CFB-8479-08550552E863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C2CBB8-7296-4549-B98C-D39FA1D35E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B74606C6-B292-4D23-8652-5CF49BDD8369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en los productos Cisco SD-WAN, podr\u00edan permitir a un atacante remoto no autenticado ejecutar ataques de denegaci\u00f3n de servicio (DoS) contra un dispositivo afectado. Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1241",
"lastModified": "2024-11-21T05:43:54.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T21:15:12.100",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 05:44
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "296636F1-9242-429B-8472-90352C056106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "77993343-0394-413F-ABF9-C1215E9AD800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "283971DD-DD58-4A76-AC2A-F316534ED416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F324A5-4830-482E-A684-AB3B6594CEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8120196-8648-49D0-8262-CD4C9C90C37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "33E7CCE2-C685-4019-9B55-B3BECB3E5F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "0699DD6E-BA74-4814-93AB-300329C9D032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E2D781-2684-45F1-AC52-636572A0DCA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "479FB47B-AF2E-4FCB-8DE0-400BF325666C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2B4C78-5C31-4F3D-9639-305E15576E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2C09F0A2-B21F-40ED-A6A8-9A29D6E1C6A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "32BA13F4-EF9C-4368-B8B1-9FD9FAF5CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "13CB889F-B064-4CAC-99AC-903745ACA566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77E8AF15-AB46-4EAB-8872-8C55E8601599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "957318BE-55D4-4585-AA52-C813301D01C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8F11B703-8A0F-47ED-AA70-951FF78B94A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE6EC32-51E4-43A3-BFB9-A0D842D08E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "187F699A-AF2F-42B0-B855-27413140C384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0B905E-4D92-4FD6-B2FF-41FF1F59A948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62EDEC28-661E-42EF-88F0-F62D0220D2E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADDCD0A-6168-45A0-A885-76CC70FE2FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "3F35C623-6043-43A6-BBAA-478E185480CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D83E34F4-F4DD-49CC-9C95-93F9D4D26B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "D2833EAE-94C8-4279-A244-DDB6E2D15DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "4B688E46-5BAD-4DEC-8B13-B184B141B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8F50DB-3A80-4D89-9F7B-86766D37338B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFC70A2-87BC-4898-BCF3-57F7B1DD5F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F13F583-F645-4DF0-A075-B4F19D71D128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8DA556-ABF3-48D0-95B8-E57DBE1B5A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "01B53828-C520-4845-9C14-6C7D50EAA3A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E5311FBE-12BF-41AC-B8C6-D86007834863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB055E-72F9-4CB7-A51D-BF096BD1A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBD681F-7969-42BE-A47E-7C287755DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98255E6F-3056-487D-9157-403836EFB9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "521ACFB0-4FB2-44DB-AD7B-C27F9059DE66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96852D16-AF50-4C70-B125-D2349E6765D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "A15B882A-BA60-4932-A55E-F4A798B30EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC2EE60-4A07-4D92-B9BC-BF07CF4F2BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47DBE4ED-1CD8-4134-9B33-17A91F44F17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0375BF9E-D04B-4E5B-9051-536806ECA44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "012A6CF7-9104-4882-9C95-E6D4458AB778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF5214D-9257-498F-A3EB-C4EC18E2FEB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC5BB06-100F-42C9-8CEB-CC47FD26DDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "5292764A-7D1C-4E04-86EF-809CB68EDD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "1E16D266-108F-4F8A-998D-F1CA25F2EAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3h:*:*:*:*:*:*:*",
"matchCriteriaId": "F84AE35F-D016-4B8F-8FE2-C2ACB200DFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "41D55481-C80E-4400-9C3D-9F6B1F7F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "D07F9539-CFBE-46F7-9F5E-93A68169797D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AB80E7-0714-44ED-9671-12C877B36A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "10182B94-6831-461E-B0FC-9476EAB6EBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3D62EE1B-9A59-406C-B7DF-91B495F3ECFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD5B3AB-27C2-4055-A3B7-0112D089FDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "04081A51-E08F-4114-9276-584E836181D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "62A46516-CEB7-48D4-879B-341963A1FA31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EF98FA-6DF9-4935-9639-143E08462BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECEDD9D-6517-44BA-A95F-D1D5488C0E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1C85DD-69CC-4AA8-B219-651D57FC3506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "65FC3CC1-CF4F-4A2D-A500-04395AFE8B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "D18B32E3-6B33-4E3D-879A-82E2F0BFC906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1za:*:*:*:*:*:*:*",
"matchCriteriaId": "027200FC-8AD4-47E4-A404-490AE4F997EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F66ECFE-B631-47AE-995F-024A4E586A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBFDD70-7AF3-47AE-94CA-56C19F2D6234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89369318-2E83-489F-B872-5F2E247BBF8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C87891C-B8D0-4286-B6A7-61037E1A6A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.1_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "46A0A536-ADF8-44D3-B960-767025DED25B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.1_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3B1F5A-5987-4720-94F5-614EB02639DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.1_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "D06B3980-ACB0-48B1-9801-754551213C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.1_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "EEEE351E-EE71-46C7-B6DA-62D54698AFB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.2_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "A340C7D4-71FC-4E41-80BA-AC683E3D5F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.2_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "C24003FB-0DC6-4449-8922-F4ACA80296C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.2_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB4A03C-8BCF-4660-9DA9-FE807E2AB9AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.2_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "9DE682DA-5B06-4A27-9A12-312668B78118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "25A6CA4F-5E4C-4F4B-AD6C-E4A12784B1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "61F3285F-2EE4-49C9-B5F7-EC725552AFC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFFAEFE-C620-4F68-A681-DB9F493A3AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6FBED6-625C-4423-BD3A-486F262DE865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3a_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBD5FBB-27C6-4299-A46B-853D94F88795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3a_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "81AC53DA-1564-4EEB-A4E2-AE76E372BB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3a_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "58968DAC-01A0-4845-B053-20C5573B892C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3a_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "D35E9FD8-ADC1-4284-B393-E45F97C281E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3a_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "5F270440-7310-4FE0-8891-CA4B82EBE88C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3b_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC35326-C3E4-4E4C-9F9B-601F1FEE43DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3b_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD21F57-0588-4E67-A95C-ADECCB9EA659",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3b_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2D3822-BD61-4909-B0F3-13A4A9C6A5D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3b_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "CB084FD4-A65E-4586-B467-F9DE9C1F7888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.3b_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC2FEB6-A721-4695-8E6D-229BDCC3C40C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.4_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB6F6B9-8D54-49E3-B1C9-B5E841F7106A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.4_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "F3168349-D399-44EC-8CD0-C99393C2ACD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.4_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "82CAA12B-31A8-466C-9A05-F89948546E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.4_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "B383C185-0FDB-4ED5-9E00-78844E9D62B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.4_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "CCCF3363-780C-49D9-AC78-65E150B7B28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.5_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "BCA8CAA1-0578-41E5-BA14-55B543AA1A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.5_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "B450CE67-F447-48F7-9909-7F6871A01296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.5_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "84A764D0-8FD7-4385-B3C3-175B9FA2CFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.5_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "51EC19E2-546C-47C6-B436-A0040FCD501F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.5_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "45BA16BC-6B8C-4054-85D6-46C4475DEE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.6_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "D5272305-0AAA-4EE0-9C1C-6B81DF937D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.6_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA4951E-F81E-4047-B07D-939F42A40305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.6_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E1D135-E386-41B0-A258-A33D8CE4718E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.6_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD0C0C-F21E-4CA9-BD1E-4D15CEC2851A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.10.6_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "4D71B2C6-86C5-47D3-8FA3-CF92A0114AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "E32E05A7-1BAE-4643-9551-43BC1FF6F526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "688E39CF-BAAB-4FD4-9D78-A503B5612F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "8328924E-A5FB-46A3-ABD9-7EBEF8CA2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "84C3CFDE-DEF7-4394-9EE1-A523F141FB79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1a_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "8490BFFF-1742-40B0-9C18-472A0BA7B983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1a_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "2C76978A-41FB-455C-8A24-05B8C3DAB53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1a_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "48474738-D136-4ACB-B7DF-450BA6083374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1a_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "FD4F063A-7729-4472-B97F-C3EF79046D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1a_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB2BB4F-7F85-4B35-A436-B217A5F3FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1b_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "CB206A40-E896-4C34-A5C9-BEA86B4AB517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1b_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A035D-86BC-49D6-ACCD-12C99949C15E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1b_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "21ADF517-239B-4752-B3CA-F8F98A0E25A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1b_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "7089E027-B0B7-40F2-AEF6-9C92EA81C182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1b_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "299AF83F-06EA-40C2-92B1-4AADF1598E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1d_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EAB53F-36AA-4E18-993D-F11BB7BD1FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1d_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "24103DA4-4D1A-47B9-94E1-057B763814EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1f_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "F8EB0640-BD2A-40FB-B484-52B6935E8D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1s_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "231A4EF5-622F-42E3-A076-D75C2386E070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1s_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "9CCE172B-5C5C-4218-B846-32F0A3A7A6AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1s_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "3255DA5F-EE39-485C-8E34-55770DBCA2BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1s_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "31CAD9DC-3E5F-41D9-BE4E-24F556B1BCEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.11.1s_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "2E986F02-DA6A-4BF0-93D8-71273BC4F425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF3B14C-6974-47F6-8E1D-40B2B8DC361E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "EA17E43C-3C8F-465D-AC52-A7A1819F4797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "E92E7447-C4DE-406F-9103-4DA1AE904393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "1258FA0D-3BA4-4ED3-80F7-6AFC0073B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "1C963528-9605-45D3-8973-C65E9D63F5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "134FCF9D-ABF6-4C91-B9E2-3DCCD10AEBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1a_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "512BD2EF-6DA8-4454-9734-224878AC90ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1a_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "C18FE714-3187-4CCE-88E7-66E0237ECBF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1a_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1ED3B2-FA30-44E7-9FED-1CA7E22831F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1a_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "3F816C5B-E372-4D5D-8BEE-C3DFE5305AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1a_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "180B31F0-6EE8-4DAB-806F-92718E88A3D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1a_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C66EA7-B772-4E93-9FAC-EDA0433EC912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72BAC5-0CD2-48C3-A8C8-3845348B8636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "564A4CE1-3792-4A32-A16A-C9E241F37D58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "2B5E9188-5618-4EBB-A3D5-FEEE22F6151F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "1C40AAE1-8709-4D10-8B04-825365B5B8EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "BF58AEB0-3880-4D24-9412-57CA5BA4709A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "63D43CCF-EC56-4444-9554-A944B22671F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b1_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "12C641DC-C67F-4E92-8BF7-9520F2AE703E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b1_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "6E978D12-B0DD-4D19-BB0E-14CC51E8CDD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b1_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "52BA5B12-ED6C-41EE-8AAB-B429873D8C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b1_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "573CA620-8518-4228-982B-1CF51D381344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b1_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB1EE90-408D-4F85-8574-E3D93C911CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1b1_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "AF002832-906F-4AA9-88A3-7CA6DBDE5BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1c_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "0CFB47F7-E07C-4C16-8158-F8A46DFCEC5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1c_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "A56E716C-3F3C-46FC-AD7D-25778F2B1111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1c_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE6D69E-B03F-4A6D-B107-74318C1CD9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1c_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "31DB0C98-03DC-4C3E-98BE-18F7C6B059D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1c_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A9B3FE-7930-478A-982C-3CF6E75681CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1c_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "806C92F4-D85F-41F6-8494-775327A1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1d_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "C755EE89-25E7-4C38-A263-6FFFE6CEAE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1d_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC8D35E-D0B6-4FBB-83E8-055C34C7A0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1d_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "A0921424-A543-4725-8770-5952DDF9F536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1d_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "2D07EA68-77EE-40AE-9629-E3F84144D57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1d_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF56A81-858B-490A-8B58-7FF1CC61FE27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1d_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "4783CD8A-85FC-4D4D-9712-FDC49B8FE81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1e_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "5875BC4D-072D-442D-92B3-7B096C018630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1e_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BABFAA-8FD3-413F-BB90-9645BAF7FB71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1e_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFAE70A-9216-4DA6-8A73-5A8B77D464AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1e_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "00183E7A-23A2-44D9-ABCF-133994ED45A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1e_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F635F6-D364-4CFA-B6A5-CE1532B42D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.1e_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "9BCED55C-4BFA-43B8-A1AF-6A86E4642CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.2r_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "30634B93-ACAD-48ED-81F9-D89C4912469E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.2r_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "861F089E-C995-42EE-BAE2-B3A61F6B8DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.2r_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "06041916-F44E-408C-BD9B-8B1A3BD4FB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.2r_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0BAAB5-E84C-4EF2-972D-F46759861B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.2r_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "00C186C0-9F14-4466-ADA3-49901C39A2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.2r_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "85A5E24D-4AC2-4D13-BFFC-D93BAE170B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.3_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "281C0EE0-FBFF-4338-A053-1DE61BBE0427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.3_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "527F2C7D-3412-4AC4-A412-568E99CB0E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.3_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "E9838B0B-0A1D-44FC-8959-98B10A06A194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.3_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDCDA4F-DB99-4CA1-BF4F-E5A1FE1D5471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.3_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "F469FCCF-0434-4D36-846A-FC9A64790CD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.3_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "A50B778D-BD8B-4B27-B13B-187BC378FC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "64F5DDBD-6562-4A84-A7D9-F0ECFB0C4411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "22481518-1EC9-409C-B0CD-ECC3583413FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B01647-CB45-4DAE-A230-C393DC9DF2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "82454FE7-4252-489E-A643-962DA3C3E463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "34D44A99-C451-4617-91D9-E0B4E32A1A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "1DECD9E8-6103-4F4A-904F-22CBDA739DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4a_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA7D5A7-718F-4DC2-A1E9-01DB7FFDCE88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4a_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "C0F3E050-2F5A-4435-B7C2-5C71A97A8828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.4a_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C24472-7F1C-404D-8DFE-53E3AB95DCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.5_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "89EA170E-E67C-4660-B05D-A22F36B74F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.5_when_installed_on_1100_series_industrial_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D8D57E-A22C-40BF-9A9A-A702CE4BE12C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.5_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "4567E8AA-676C-4E61-96A3-F17ECD809463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.5_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "B038FCEA-DCDA-427F-BD46-65D2FDCF2F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.5_when_installed_on_cloud_services_router_1000v:series:*:*:*:*:*:*:*",
"matchCriteriaId": "C271A6EA-3A07-462F-8124-394CD5BC9377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.12.5_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F70E91-B076-46DB-9EDF-D7E16B854D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.1_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B1FEC7-AD20-4373-A1D6-092864E62106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.1_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0F75E5-5802-4C35-A598-B931C4E90AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.1_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "E05DF850-E8E3-4207-BE35-C903AB0126BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.1_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A143FF-4E58-4AFC-A199-98B209EBDFF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.2_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "D6E3EDD0-7182-4DEA-9B57-0302CBD3B810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.2_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2FC243-0D09-48AF-B872-BE6078E15378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.2_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BD205A-E538-48B1-9A5D-614746F44F05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.2_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA01C6-3AA5-4D2F-97D3-1F403476C2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.3_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B4214-3C2A-4B5C-8106-C4AC208FBCC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.3_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "F699BC28-F47F-44EF-A0CB-E3FFC96F7F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.3_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "09320600-0879-4F99-88F7-F68860BE4144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.3_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26743C-185F-4FFF-B676-F2A14E4984E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.4_when_installed_on_1000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "120ED9DC-38C4-4F9F-8F02-44A78C5C6AC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.4_when_installed_on_4000_series_integrated_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "E58A56B2-197D-4C28-BD42-41F13BC5C374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.4_when_installed_on_asr_1000_series_aggregation_services:routers:*:*:*:*:*:*:*",
"matchCriteriaId": "489106B9-7E60-42E8-9CDB-8F8B9E68F016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan_16.9.4_when_installed_on_integrated_services_virtual:router:*:*:*:*:*:*:*",
"matchCriteriaId": "05C74460-5A8C-47B9-8AC7-124E17B3DE7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de autenticaci\u00f3n, autorizaci\u00f3n y contabilidad (AAA) de Cisco IOS XE Software podr\u00eda permitir a un atacante remoto no autenticado omitir la autenticaci\u00f3n NETCONF o RESTCONF y realizar cualquiera de las siguientes acciones Instalar, manipular o eliminar la configuraci\u00f3n de un dispositivo afectado. Causar una corrupci\u00f3n de la memoria que resulte en una denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una variable no inicializada. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una serie de peticiones NETCONF o RESTCONF a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante usar NETCONF o RESTCONF para instalar, manipular o borrar la configuraci\u00f3n de un dispositivo de red o corromper la memoria del dispositivo, resultando un DoS"
}
],
"id": "CVE-2021-1619",
"lastModified": "2024-11-21T05:44:45.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:12.820",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:422_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03A273EE-41C1-41E9-9002-46F83FC6533F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B7C13F-46C5-460A-A6C9-3837A28A0CE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series_route_processor_\\(rp2\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "C02F9303-F9DF-4166-AB4B-8C26B9FAD109",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series_route_processor_\\(rp3\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "372CB4D6-BB22-4521-9C18-C0A663717168",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso vDaemon de Cisco IOS XE SD-WAN Software podr\u00eda permitir a un atacante remoto no autenticado causar un desbordamiento del b\u00fafer en un dispositivo afectado. Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los l\u00edmites cuando un dispositivo afectado procesa el tr\u00e1fico. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico dise\u00f1ado al dispositivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un desbordamiento del b\u00fafer y posiblemente ejecutar comandos arbitrarios con privilegios de nivel de root, o causar la recarga del dispositivo, que podr\u00eda resultar en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-34727",
"lastModified": "2024-11-21T06:11:03.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:19.500",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 20:15
Modified
2024-11-21 05:44
Severity ?
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | - | |
| cisco | sd-wan_firmware | 18.3.8 | |
| cisco | sd-wan_firmware | 18.4.4 | |
| cisco | sd-wan_firmware | 19.2.1 | |
| cisco | sd-wan_firmware | 19.2.99 | |
| cisco | sd-wan_vsmart_controller_firmware | * | |
| cisco | vedge_100_router | - | |
| cisco | vedge_1000_router | - | |
| cisco | vedge_100b_router | - | |
| cisco | vedge_100m_router | - | |
| cisco | vedge_100wm_router | - | |
| cisco | vedge_2000_router | - | |
| cisco | vedge_5000_router | - | |
| cisco | vedge_cloud_router | - | |
| cisco | catalyst_sd-wan_manager | - | |
| cisco | sd-wan_vbond_orchestrator | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBD6FD9-84EE-416C-B77D-843D2FAAF1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C9F1DA-0527-4442-B0B4-4467960D30C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C535AB3-DCCE-4CFB-8479-08550552E863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B74606C6-B292-4D23-8652-5CF49BDD8369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los productos Cisco SD-WAN, podr\u00edan permitir a un atacante no autenticado remoto ejecutar ataques contra un dispositivo afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1301",
"lastModified": "2024-11-21T05:44:02.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T20:15:16.877",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-21 03:15
Modified
2024-11-21 05:44
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55D9FC0B-0178-4CDB-BF16-4F7639D0777F",
"versionEndIncluding": "17.0",
"versionStartIncluding": "16.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "192828BB-1A24-4ECB-8E8C-B65E73026C12",
"versionEndExcluding": "17.2.3",
"versionStartIncluding": "17.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7F46F8-B01B-4375-AACB-7DE1DBCB314E",
"versionEndExcluding": "17.3.4",
"versionStartIncluding": "17.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7C49DC-8719-4EF6-9B3C-7BDAB9CF7C4B",
"versionEndExcluding": "17.4.2",
"versionStartIncluding": "17.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1FF0F-1AAE-45ED-9D82-0190423F3F4C",
"versionEndExcluding": "17.5.1a",
"versionStartIncluding": "17.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EBA153C-315C-4FCC-8F6B-4C6FDD95DF4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67CCCA4D-3460-4327-A6D2-5F5AEA765400",
"versionStartIncluding": "17.2.1r",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco IOS XE SD-WAN Software podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios con privilegios de root. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de entradas por parte de la CLI del sistema. Un atacante podr\u00eda aprovechar esta vulnerabilidad al autenticarse en un dispositivo afectado y enviando entradas dise\u00f1adas a la CLI del sistema. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos en el sistema operativo subyacente con privilegios de root"
}
],
"id": "CVE-2021-1529",
"lastModified": "2024-11-21T05:44:33.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-21T03:15:06.830",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-07 18:15
Modified
2025-08-05 14:33
Severity ?
Summary
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration.
This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied.
Note: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials.
For more information, see the section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | 16.9.1 | |
| cisco | ios_xe_sd-wan | 16.9.2 | |
| cisco | ios_xe_sd-wan | 16.9.3 | |
| cisco | ios_xe_sd-wan | 16.9.4 | |
| cisco | ios_xe_sd-wan | 16.10.1 | |
| cisco | ios_xe_sd-wan | 16.10.2 | |
| cisco | ios_xe_sd-wan | 16.10.3 | |
| cisco | ios_xe_sd-wan | 16.10.3a | |
| cisco | ios_xe_sd-wan | 16.10.3b | |
| cisco | ios_xe_sd-wan | 16.10.4 | |
| cisco | ios_xe_sd-wan | 16.10.5 | |
| cisco | ios_xe_sd-wan | 16.10.6 | |
| cisco | ios_xe_sd-wan | 16.11.1 | |
| cisco | ios_xe_sd-wan | 16.11.1a | |
| cisco | ios_xe_sd-wan | 16.11.1b | |
| cisco | ios_xe_sd-wan | 16.11.1d | |
| cisco | ios_xe_sd-wan | 16.11.1f | |
| cisco | ios_xe_sd-wan | 16.11.1s | |
| cisco | ios_xe_sd-wan | 16.12.1 | |
| cisco | ios_xe_sd-wan | 16.12.1a | |
| cisco | ios_xe_sd-wan | 16.12.1b | |
| cisco | ios_xe_sd-wan | 16.12.1b1 | |
| cisco | ios_xe_sd-wan | 16.12.1c | |
| cisco | ios_xe_sd-wan | 16.12.1d | |
| cisco | ios_xe_sd-wan | 16.12.1e | |
| cisco | ios_xe_sd-wan | 16.12.2r | |
| cisco | ios_xe_sd-wan | 16.12.3 | |
| cisco | ios_xe_sd-wan | 16.12.4 | |
| cisco | ios_xe_sd-wan | 16.12.4a | |
| cisco | ios_xe_sd-wan | 16.12.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A45A569-C122-4474-BE14-AF7BA71736BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC516F4-F6DD-460D-BBC4-DD32CC0F1180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD04C1FB-F8F8-486A-9E2F-EB01856B1C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "156D51A0-506C-47FD-BF45-955C1B881976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23468BBF-F5AB-4924-A084-F065BB02BF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A03544C9-6037-4D88-8D0E-513DFCB4CC13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B681843-64AE-4987-B94A-DD9A915846CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "C022D72E-D7E5-4910-8D0A-D488348D10D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F49E6EE-95D6-4419-BDC7-274F30C53886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B56C494-9925-46DE-B1FA-3D1C46093F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BA375C35-61CC-4123-967C-1E4B40673D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C32EAF-90A1-4391-B82D-A1F8E6A83E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0350E16B-1FEF-4D4F-B520-B53EA3DA29A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA58A8E-D63E-4276-BB92-35B7F4D2760E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "90EBD3C8-5749-4EB7-976F-8749A44E483A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCC3D6A-BE62-45AA-BCDB-B8437D841BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0E839C-B7D5-4201-9052-0CC0BD925E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9044701-2609-4E70-BA19-DB4831FCFD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AC209-B78A-48F3-BC3B-C1F04CA19B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9422E331-2013-4FF5-A06D-50505DF15123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "54C51F43-FDA7-4F87-9EA7-3049E6EA17B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1b1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5605246-622D-47C6-987D-9404A32820F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C251E2-16DF-4FF1-8243-D191C463738B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "36994E4F-2207-4CD6-8605-9A7D641AC769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF6B43E-2EB9-4D74-8C92-6D5AFDFECF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.2r:*:*:*:*:*:*:*",
"matchCriteriaId": "7050DADE-B994-4A5E-A093-EAB6FEF0B3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "85FE74B7-E21A-4E99-BD60-37BC4C10BD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A81BD856-D376-46EA-9C6E-48DA6C5EA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "EE89B334-1927-4359-9CA6-9EFF4A247949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89E31772-E8D3-4BC8-B337-B33BCAC4C750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration.\r\n\r\nThis vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied.\r\nNote: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials.\r\nFor more information, see the section of this advisory."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del Protocolo Simple de Administraci\u00f3n de Redes Versi\u00f3n 3 (SNMPv3) de Cisco IOS Software y Cisco IOS XE Software podr\u00eda permitir que un atacante remoto autenticado sondee un dispositivo afectado mediante SNMP, incluso si el dispositivo est\u00e1 configurado para denegar el tr\u00e1fico SNMP de una fuente no autorizada o si el nombre de usuario SNMPv3 se ha eliminado de la configuraci\u00f3n. Esta vulnerabilidad existe debido a la forma en que se almacena la configuraci\u00f3n de SNMPv3 en la configuraci\u00f3n de inicio de Cisco IOS Software y Cisco IOS XE Software. Un atacante podr\u00eda explotar esta vulnerabilidad sondeando un dispositivo afectado desde una direcci\u00f3n de origen que deber\u00eda haber sido denegada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante realizar operaciones SNMP desde una fuente que deber\u00eda haber sido denegada. Nota: El atacante no tiene control sobre la configuraci\u00f3n de SNMPv3. Para explotar esta vulnerabilidad, el atacante debe tener credenciales de usuario SNMPv3 v\u00e1lidas. Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n de este aviso."
}
],
"id": "CVE-2025-20151",
"lastModified": "2025-08-05T14:33:40.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Primary"
}
]
},
"published": "2025-05-07T18:15:37.007",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 20:15
Modified
2024-11-21 05:44
Severity ?
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | - | |
| cisco | sd-wan_firmware | 18.3.8 | |
| cisco | sd-wan_firmware | 18.4.4 | |
| cisco | sd-wan_firmware | 19.2.1 | |
| cisco | sd-wan_firmware | 19.2.99 | |
| cisco | sd-wan_vsmart_controller_firmware | * | |
| cisco | vedge_100_router | - | |
| cisco | vedge_1000_router | - | |
| cisco | vedge_100b_router | - | |
| cisco | vedge_100m_router | - | |
| cisco | vedge_100wm_router | - | |
| cisco | vedge_2000_router | - | |
| cisco | vedge_5000_router | - | |
| cisco | vedge_cloud_router | - | |
| cisco | catalyst_sd-wan_manager | - | |
| cisco | sd-wan_vbond_orchestrator | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBD6FD9-84EE-416C-B77D-843D2FAAF1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C9F1DA-0527-4442-B0B4-4467960D30C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C535AB3-DCCE-4CFB-8479-08550552E863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B74606C6-B292-4D23-8652-5CF49BDD8369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los productos Cisco SD-WAN, podr\u00edan permitir a un atacante no autenticado remoto ejecutar ataques contra un dispositivo afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1300",
"lastModified": "2024-11-21T05:44:02.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T20:15:16.800",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 20:15
Modified
2024-11-21 05:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | - | |
| cisco | sd-wan_firmware | 18.3.5 | |
| cisco | sd-wan_firmware | 18.3.8 | |
| cisco | sd-wan_firmware | 18.4.1 | |
| cisco | sd-wan_firmware | 18.4.4 | |
| cisco | sd-wan_firmware | 18.4.5 | |
| cisco | sd-wan_firmware | 19.2.0 | |
| cisco | sd-wan_firmware | 19.2.1 | |
| cisco | sd-wan_firmware | 19.2.2 | |
| cisco | sd-wan_firmware | 19.2.99 | |
| cisco | sd-wan_firmware | 20.1.0 | |
| cisco | sd-wan_vsmart_controller_firmware | * | |
| cisco | vedge_100_router | - | |
| cisco | vedge_1000_router | - | |
| cisco | vedge_100b_router | - | |
| cisco | vedge_100m_router | - | |
| cisco | vedge_100wm_router | - | |
| cisco | vedge_2000_router | - | |
| cisco | vedge_5000_router | - | |
| cisco | vedge_cloud_router | - | |
| cisco | catalyst_sd-wan_manager | - | |
| cisco | sd-wan_vbond_orchestrator | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30EE0731-351C-4889-8335-3E7E7955A385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBD6FD9-84EE-416C-B77D-843D2FAAF1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0015FD1E-1BCD-40AB-8C21-264AB9F6E123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C9F1DA-0527-4442-B0B4-4467960D30C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0717AEB4-93B0-47F5-9F1B-153A519AD2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0065B109-5020-48AE-B10F-3452444748C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C535AB3-DCCE-4CFB-8479-08550552E863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C2CBB8-7296-4549-B98C-D39FA1D35E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B74606C6-B292-4D23-8652-5CF49BDD8369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los productos Cisco SD-WAN, podr\u00edan permitir a un atacante no autenticado remoto ejecutar ataques de denegaci\u00f3n de servicio (DoS) contra un dispositivo afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1278",
"lastModified": "2024-11-21T05:43:59.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T20:15:16.173",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | 3.15.1xbs | |
| cisco | ios_xe | 3.15.2xbs | |
| cisco | ios_xe | 16.12.1 | |
| cisco | ios_xe | 16.12.1a | |
| cisco | ios_xe | 16.12.1c | |
| cisco | ios_xe | 16.12.1s | |
| cisco | ios_xe | 16.12.1t | |
| cisco | ios_xe | 16.12.1w | |
| cisco | ios_xe | 16.12.1x | |
| cisco | ios_xe | 16.12.1y | |
| cisco | ios_xe | 16.12.1z | |
| cisco | ios_xe | 16.12.1za | |
| cisco | ios_xe | 16.12.2 | |
| cisco | ios_xe | 16.12.2a | |
| cisco | ios_xe | 16.12.2s | |
| cisco | ios_xe | 16.12.2t | |
| cisco | ios_xe | 16.12.3 | |
| cisco | ios_xe | 16.12.3a | |
| cisco | ios_xe | 16.12.3s | |
| cisco | ios_xe | 16.12.4 | |
| cisco | ios_xe | 16.12.4a | |
| cisco | ios_xe | 17.2.1 | |
| cisco | ios_xe | 17.2.1a | |
| cisco | ios_xe | 17.2.1r | |
| cisco | ios_xe | 17.2.1v | |
| cisco | ios_xe_sd-wan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1xbs:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF22C29-84DF-44CA-B574-FE04AB39E344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2xbs:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C7C0BA-D618-4B65-B42C-43393167EEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "65FC3CC1-CF4F-4A2D-A500-04395AFE8B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1za:*:*:*:*:*:*:*",
"matchCriteriaId": "027200FC-8AD4-47E4-A404-490AE4F997EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C87891C-B8D0-4286-B6A7-61037E1A6A54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del Software Cisco IOS XE SD-WAN, podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente como usuario root.\u0026#xa0;El atacante debe estar autenticado en el dispositivo afectado como un usuario poco privilegiado para explotar esta vulnerabilidad.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al inyectar comandos arbitrarios en un archivo como usuario poco privilegiado.\u0026#xa0;A continuaci\u00f3n, el usuario root ejecuta los comandos en el dispositivo.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios como usuario root"
}
],
"id": "CVE-2021-1432",
"lastModified": "2024-11-21T05:44:21.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T20:15:14.510",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-09-24 18:15
Modified
2025-10-01 13:51
Severity ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:
An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials.
An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device.
An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks.
This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.
Note: This vulnerability affects all versions of SNMP.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte | Vendor Advisory, Mitigation |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | 16.9.1 | |
| cisco | ios_xe_sd-wan | 16.9.2 | |
| cisco | ios_xe_sd-wan | 16.9.3 | |
| cisco | ios_xe_sd-wan | 16.9.4 | |
| cisco | ios_xe_sd-wan | 16.10.1 | |
| cisco | ios_xe_sd-wan | 16.10.2 | |
| cisco | ios_xe_sd-wan | 16.10.3 | |
| cisco | ios_xe_sd-wan | 16.10.3a | |
| cisco | ios_xe_sd-wan | 16.10.3b | |
| cisco | ios_xe_sd-wan | 16.10.4 | |
| cisco | ios_xe_sd-wan | 16.10.5 | |
| cisco | ios_xe_sd-wan | 16.10.6 | |
| cisco | ios_xe_sd-wan | 16.11.1a | |
| cisco | ios_xe_sd-wan | 16.12.1b | |
| cisco | ios_xe_sd-wan | 16.12.1d | |
| cisco | ios_xe_sd-wan | 16.12.1e | |
| cisco | ios_xe_sd-wan | 16.12.2r | |
| cisco | ios_xe_sd-wan | 16.12.3 | |
| cisco | ios_xe_sd-wan | 16.12.4 | |
| cisco | ios_xe_sd-wan | 16.12.4a | |
| cisco | ios_xe_sd-wan | 16.12.5 | |
| cisco | ios_xe | 3.5.0e | |
| cisco | ios_xe | 3.5.0sq | |
| cisco | ios_xe | 3.5.1e | |
| cisco | ios_xe | 3.5.1sq | |
| cisco | ios_xe | 3.5.2e | |
| cisco | ios_xe | 3.5.2sq | |
| cisco | ios_xe | 3.5.3e | |
| cisco | ios_xe | 3.5.3sq | |
| cisco | ios_xe | 3.5.4sq | |
| cisco | ios_xe | 3.5.5sq | |
| cisco | ios_xe | 3.5.6sq | |
| cisco | ios_xe | 3.5.7sq | |
| cisco | ios_xe | 3.5.8sq | |
| cisco | ios_xe | 3.6.0e | |
| cisco | ios_xe | 3.6.1e | |
| cisco | ios_xe | 3.6.2ae | |
| cisco | ios_xe | 3.6.2e | |
| cisco | ios_xe | 3.6.3e | |
| cisco | ios_xe | 3.6.4e | |
| cisco | ios_xe | 3.6.5ae | |
| cisco | ios_xe | 3.6.5e | |
| cisco | ios_xe | 3.6.6e | |
| cisco | ios_xe | 3.6.7be | |
| cisco | ios_xe | 3.6.7e | |
| cisco | ios_xe | 3.6.8e | |
| cisco | ios_xe | 3.6.9e | |
| cisco | ios_xe | 3.6.10e | |
| cisco | ios_xe | 3.7.0e | |
| cisco | ios_xe | 3.7.1e | |
| cisco | ios_xe | 3.7.2e | |
| cisco | ios_xe | 3.7.3e | |
| cisco | ios_xe | 3.7.4e | |
| cisco | ios_xe | 3.7.5e | |
| cisco | ios_xe | 3.8.0e | |
| cisco | ios_xe | 3.8.1e | |
| cisco | ios_xe | 3.8.2e | |
| cisco | ios_xe | 3.8.3e | |
| cisco | ios_xe | 3.8.4e | |
| cisco | ios_xe | 3.8.5ae | |
| cisco | ios_xe | 3.8.5e | |
| cisco | ios_xe | 3.8.6e | |
| cisco | ios_xe | 3.8.7e | |
| cisco | ios_xe | 3.8.8e | |
| cisco | ios_xe | 3.8.9e | |
| cisco | ios_xe | 3.8.10e | |
| cisco | ios_xe | 3.9.0e | |
| cisco | ios_xe | 3.9.1e | |
| cisco | ios_xe | 3.9.2e | |
| cisco | ios_xe | 3.10.0ce | |
| cisco | ios_xe | 3.10.0e | |
| cisco | ios_xe | 3.10.1e | |
| cisco | ios_xe | 3.10.2e | |
| cisco | ios_xe | 3.10.3e | |
| cisco | ios_xe | 3.11.0e | |
| cisco | ios_xe | 3.11.1ae | |
| cisco | ios_xe | 3.11.1e | |
| cisco | ios_xe | 3.11.2e | |
| cisco | ios_xe | 3.11.3ae | |
| cisco | ios_xe | 3.11.3e | |
| cisco | ios_xe | 3.11.4e | |
| cisco | ios_xe | 3.11.5e | |
| cisco | ios_xe | 3.11.6e | |
| cisco | ios_xe | 3.11.7e | |
| cisco | ios_xe | 3.11.8e | |
| cisco | ios_xe | 3.11.9e | |
| cisco | ios_xe | 3.11.10e | |
| cisco | ios_xe | 3.11.11e | |
| cisco | ios_xe | 3.11.12e | |
| cisco | ios_xe | 3.14.0s | |
| cisco | ios_xe | 3.14.1s | |
| cisco | ios_xe | 3.14.2s | |
| cisco | ios_xe | 3.14.3s | |
| cisco | ios_xe | 3.14.4s | |
| cisco | ios_xe | 3.15.0s | |
| cisco | ios_xe | 3.15.1cs | |
| cisco | ios_xe | 3.15.1s | |
| cisco | ios_xe | 3.15.2s | |
| cisco | ios_xe | 3.15.3s | |
| cisco | ios_xe | 3.15.4s | |
| cisco | ios_xe | 3.16.0cs | |
| cisco | ios_xe | 3.16.0s | |
| cisco | ios_xe | 3.16.1as | |
| cisco | ios_xe | 3.16.1s | |
| cisco | ios_xe | 3.16.2as | |
| cisco | ios_xe | 3.16.2bs | |
| cisco | ios_xe | 3.16.2s | |
| cisco | ios_xe | 3.16.3as | |
| cisco | ios_xe | 3.16.3s | |
| cisco | ios_xe | 3.16.4as | |
| cisco | ios_xe | 3.16.4bs | |
| cisco | ios_xe | 3.16.4ds | |
| cisco | ios_xe | 3.16.4s | |
| cisco | ios_xe | 3.16.5s | |
| cisco | ios_xe | 3.16.6bs | |
| cisco | ios_xe | 3.16.6s | |
| cisco | ios_xe | 3.16.7as | |
| cisco | ios_xe | 3.16.7bs | |
| cisco | ios_xe | 3.16.7s | |
| cisco | ios_xe | 3.16.8s | |
| cisco | ios_xe | 3.16.9s | |
| cisco | ios_xe | 3.16.10s | |
| cisco | ios_xe | 3.17.0s | |
| cisco | ios_xe | 3.17.1as | |
| cisco | ios_xe | 3.17.1s | |
| cisco | ios_xe | 3.17.2s | |
| cisco | ios_xe | 3.17.3s | |
| cisco | ios_xe | 3.17.4s | |
| cisco | ios_xe | 3.18.0as | |
| cisco | ios_xe | 3.18.0s | |
| cisco | ios_xe | 3.18.0sp | |
| cisco | ios_xe | 3.18.1asp | |
| cisco | ios_xe | 3.18.1bsp | |
| cisco | ios_xe | 3.18.1csp | |
| cisco | ios_xe | 3.18.1s | |
| cisco | ios_xe | 3.18.1sp | |
| cisco | ios_xe | 3.18.2asp | |
| cisco | ios_xe | 3.18.2s | |
| cisco | ios_xe | 3.18.2sp | |
| cisco | ios_xe | 3.18.3asp | |
| cisco | ios_xe | 3.18.3bsp | |
| cisco | ios_xe | 3.18.3s | |
| cisco | ios_xe | 3.18.3sp | |
| cisco | ios_xe | 3.18.4s | |
| cisco | ios_xe | 3.18.4sp | |
| cisco | ios_xe | 3.18.5sp | |
| cisco | ios_xe | 3.18.6sp | |
| cisco | ios_xe | 3.18.7sp | |
| cisco | ios_xe | 3.18.8asp | |
| cisco | ios_xe | 3.18.9sp | |
| cisco | ios_xe | 16.6.1 | |
| cisco | ios_xe | 16.6.2 | |
| cisco | ios_xe | 16.6.3 | |
| cisco | ios_xe | 16.6.4 | |
| cisco | ios_xe | 16.6.4a | |
| cisco | ios_xe | 16.6.5 | |
| cisco | ios_xe | 16.6.5a | |
| cisco | ios_xe | 16.6.6 | |
| cisco | ios_xe | 16.6.7 | |
| cisco | ios_xe | 16.6.8 | |
| cisco | ios_xe | 16.6.9 | |
| cisco | ios_xe | 16.6.10 | |
| cisco | ios_xe | 16.7.1 | |
| cisco | ios_xe | 16.7.1a | |
| cisco | ios_xe | 16.7.1b | |
| cisco | ios_xe | 16.7.2 | |
| cisco | ios_xe | 16.7.3 | |
| cisco | ios_xe | 16.7.4 | |
| cisco | ios_xe | 16.8.1 | |
| cisco | ios_xe | 16.8.1a | |
| cisco | ios_xe | 16.8.1b | |
| cisco | ios_xe | 16.8.1c | |
| cisco | ios_xe | 16.8.1d | |
| cisco | ios_xe | 16.8.1e | |
| cisco | ios_xe | 16.8.1s | |
| cisco | ios_xe | 16.8.2 | |
| cisco | ios_xe | 16.8.3 | |
| cisco | ios_xe | 16.9.1 | |
| cisco | ios_xe | 16.9.1a | |
| cisco | ios_xe | 16.9.1b | |
| cisco | ios_xe | 16.9.1s | |
| cisco | ios_xe | 16.9.2 | |
| cisco | ios_xe | 16.9.3 | |
| cisco | ios_xe | 16.9.3a | |
| cisco | ios_xe | 16.9.4 | |
| cisco | ios_xe | 16.9.5 | |
| cisco | ios_xe | 16.9.5f | |
| cisco | ios_xe | 16.9.6 | |
| cisco | ios_xe | 16.9.7 | |
| cisco | ios_xe | 16.9.8 | |
| cisco | ios_xe | 16.10.1 | |
| cisco | ios_xe | 16.10.1a | |
| cisco | ios_xe | 16.10.1b | |
| cisco | ios_xe | 16.10.1c | |
| cisco | ios_xe | 16.10.1d | |
| cisco | ios_xe | 16.10.1e | |
| cisco | ios_xe | 16.10.1f | |
| cisco | ios_xe | 16.10.1g | |
| cisco | ios_xe | 16.10.1s | |
| cisco | ios_xe | 16.10.2 | |
| cisco | ios_xe | 16.10.3 | |
| cisco | ios_xe | 16.11.1 | |
| cisco | ios_xe | 16.11.1a | |
| cisco | ios_xe | 16.11.1b | |
| cisco | ios_xe | 16.11.1s | |
| cisco | ios_xe | 16.11.2 | |
| cisco | ios_xe | 16.12.1 | |
| cisco | ios_xe | 16.12.1a | |
| cisco | ios_xe | 16.12.1c | |
| cisco | ios_xe | 16.12.1s | |
| cisco | ios_xe | 16.12.1t | |
| cisco | ios_xe | 16.12.1w | |
| cisco | ios_xe | 16.12.1x | |
| cisco | ios_xe | 16.12.1y | |
| cisco | ios_xe | 16.12.1z1 | |
| cisco | ios_xe | 16.12.1z2 | |
| cisco | ios_xe | 16.12.2 | |
| cisco | ios_xe | 16.12.2a | |
| cisco | ios_xe | 16.12.2s | |
| cisco | ios_xe | 16.12.3 | |
| cisco | ios_xe | 16.12.3a | |
| cisco | ios_xe | 16.12.3s | |
| cisco | ios_xe | 16.12.4 | |
| cisco | ios_xe | 16.12.4a | |
| cisco | ios_xe | 16.12.5 | |
| cisco | ios_xe | 16.12.5a | |
| cisco | ios_xe | 16.12.5b | |
| cisco | ios_xe | 16.12.6 | |
| cisco | ios_xe | 16.12.6a | |
| cisco | ios_xe | 16.12.7 | |
| cisco | ios_xe | 16.12.8 | |
| cisco | ios_xe | 16.12.9 | |
| cisco | ios_xe | 16.12.10 | |
| cisco | ios_xe | 16.12.10a | |
| cisco | ios_xe | 16.12.11 | |
| cisco | ios_xe | 16.12.12 | |
| cisco | ios_xe | 16.12.13 | |
| cisco | ios_xe | 17.1.1 | |
| cisco | ios_xe | 17.1.1a | |
| cisco | ios_xe | 17.1.1s | |
| cisco | ios_xe | 17.1.1t | |
| cisco | ios_xe | 17.1.3 | |
| cisco | ios_xe | 17.2.1 | |
| cisco | ios_xe | 17.2.1a | |
| cisco | ios_xe | 17.2.1r | |
| cisco | ios_xe | 17.2.1v | |
| cisco | ios_xe | 17.2.2 | |
| cisco | ios_xe | 17.2.3 | |
| cisco | ios_xe | 17.3.1 | |
| cisco | ios_xe | 17.3.1a | |
| cisco | ios_xe | 17.3.1w | |
| cisco | ios_xe | 17.3.1x | |
| cisco | ios_xe | 17.3.1z | |
| cisco | ios_xe | 17.3.2 | |
| cisco | ios_xe | 17.3.2a | |
| cisco | ios_xe | 17.3.3 | |
| cisco | ios_xe | 17.3.4 | |
| cisco | ios_xe | 17.3.4a | |
| cisco | ios_xe | 17.3.4b | |
| cisco | ios_xe | 17.3.4c | |
| cisco | ios_xe | 17.3.5 | |
| cisco | ios_xe | 17.3.5a | |
| cisco | ios_xe | 17.3.5b | |
| cisco | ios_xe | 17.3.6 | |
| cisco | ios_xe | 17.3.7 | |
| cisco | ios_xe | 17.3.8 | |
| cisco | ios_xe | 17.3.8a | |
| cisco | ios_xe | 17.4.1 | |
| cisco | ios_xe | 17.4.1a | |
| cisco | ios_xe | 17.4.1b | |
| cisco | ios_xe | 17.4.2 | |
| cisco | ios_xe | 17.4.2a | |
| cisco | ios_xe | 17.5.1 | |
| cisco | ios_xe | 17.5.1a | |
| cisco | ios_xe | 17.6.1 | |
| cisco | ios_xe | 17.6.1a | |
| cisco | ios_xe | 17.6.1w | |
| cisco | ios_xe | 17.6.1x | |
| cisco | ios_xe | 17.6.1y | |
| cisco | ios_xe | 17.6.1z | |
| cisco | ios_xe | 17.6.1z1 | |
| cisco | ios_xe | 17.6.2 | |
| cisco | ios_xe | 17.6.3 | |
| cisco | ios_xe | 17.6.3a | |
| cisco | ios_xe | 17.6.4 | |
| cisco | ios_xe | 17.6.5 | |
| cisco | ios_xe | 17.6.5a | |
| cisco | ios_xe | 17.6.6 | |
| cisco | ios_xe | 17.6.6a | |
| cisco | ios_xe | 17.6.7 | |
| cisco | ios_xe | 17.6.8 | |
| cisco | ios_xe | 17.6.8a | |
| cisco | ios_xe | 17.7.1 | |
| cisco | ios_xe | 17.7.1a | |
| cisco | ios_xe | 17.7.1b | |
| cisco | ios_xe | 17.7.2 | |
| cisco | ios_xe | 17.8.1 | |
| cisco | ios_xe | 17.8.1a | |
| cisco | ios_xe | 17.9.1 | |
| cisco | ios_xe | 17.9.1a | |
| cisco | ios_xe | 17.9.1w | |
| cisco | ios_xe | 17.9.1x | |
| cisco | ios_xe | 17.9.1x1 | |
| cisco | ios_xe | 17.9.1y | |
| cisco | ios_xe | 17.9.1y1 | |
| cisco | ios_xe | 17.9.2 | |
| cisco | ios_xe | 17.9.2a | |
| cisco | ios_xe | 17.9.3 | |
| cisco | ios_xe | 17.9.3a | |
| cisco | ios_xe | 17.9.4 | |
| cisco | ios_xe | 17.9.4a | |
| cisco | ios_xe | 17.9.5 | |
| cisco | ios_xe | 17.9.5a | |
| cisco | ios_xe | 17.9.5b | |
| cisco | ios_xe | 17.9.5e | |
| cisco | ios_xe | 17.9.5f | |
| cisco | ios_xe | 17.9.6 | |
| cisco | ios_xe | 17.9.6a | |
| cisco | ios_xe | 17.9.7 | |
| cisco | ios_xe | 17.9.7a | |
| cisco | ios_xe | 17.9.7b | |
| cisco | ios_xe | 17.10.1 | |
| cisco | ios_xe | 17.10.1a | |
| cisco | ios_xe | 17.10.1b | |
| cisco | ios_xe | 17.11.1 | |
| cisco | ios_xe | 17.11.1a | |
| cisco | ios_xe | 17.12.1 | |
| cisco | ios_xe | 17.12.1a | |
| cisco | ios_xe | 17.12.1w | |
| cisco | ios_xe | 17.12.1x | |
| cisco | ios_xe | 17.12.1y | |
| cisco | ios_xe | 17.12.1z | |
| cisco | ios_xe | 17.12.1z1 | |
| cisco | ios_xe | 17.12.1z2 | |
| cisco | ios_xe | 17.12.1z3 | |
| cisco | ios_xe | 17.12.1z4 | |
| cisco | ios_xe | 17.12.2 | |
| cisco | ios_xe | 17.12.2a | |
| cisco | ios_xe | 17.12.3 | |
| cisco | ios_xe | 17.12.3a | |
| cisco | ios_xe | 17.12.4 | |
| cisco | ios_xe | 17.12.4a | |
| cisco | ios_xe | 17.12.4b | |
| cisco | ios_xe | 17.12.5 | |
| cisco | ios_xe | 17.12.5a | |
| cisco | ios_xe | 17.12.5b | |
| cisco | ios_xe | 17.12.5c | |
| cisco | ios_xe | 17.13.1 | |
| cisco | ios_xe | 17.13.1a | |
| cisco | ios_xe | 17.14.1 | |
| cisco | ios_xe | 17.14.1a | |
| cisco | ios_xe | 17.15.1 | |
| cisco | ios_xe | 17.15.1a | |
| cisco | ios_xe | 17.15.1b | |
| cisco | ios_xe | 17.15.1w | |
| cisco | ios_xe | 17.15.1x | |
| cisco | ios_xe | 17.15.1y | |
| cisco | ios_xe | 17.15.1z | |
| cisco | ios_xe | 17.15.2 | |
| cisco | ios_xe | 17.15.2a | |
| cisco | ios_xe | 17.15.2b | |
| cisco | ios_xe | 17.15.2c | |
| cisco | ios_xe | 17.15.3 | |
| cisco | ios_xe | 17.15.3a | |
| cisco | ios_xe | 17.15.3b | |
| cisco | ios_xe | 17.15.4 | |
| cisco | ios_xe | 17.16.1 | |
| cisco | ios_xe | 17.16.1a | |
| cisco | ios_xe | 17.17.1 | |
| cisco | ios_xe | 17.18.1 | |
| cisco | ios | 12.2\(33\)sxi | |
| cisco | ios | 12.2\(33\)sxi1 | |
| cisco | ios | 12.2\(33\)sxi2 | |
| cisco | ios | 12.2\(33\)sxi2a | |
| cisco | ios | 12.2\(33\)sxi3 | |
| cisco | ios | 12.2\(33\)sxi4 | |
| cisco | ios | 12.2\(33\)sxi4a | |
| cisco | ios | 12.2\(33\)sxi5 | |
| cisco | ios | 12.2\(33\)sxi6 | |
| cisco | ios | 12.2\(33\)sxi7 | |
| cisco | ios | 12.2\(33\)sxi8 | |
| cisco | ios | 12.2\(33\)sxi8a | |
| cisco | ios | 12.2\(33\)sxi9 | |
| cisco | ios | 12.2\(33\)sxi10 | |
| cisco | ios | 12.2\(33\)sxi11 | |
| cisco | ios | 12.2\(33\)sxi12 | |
| cisco | ios | 12.2\(33\)sxi13 | |
| cisco | ios | 12.2\(33\)sxi14 | |
| cisco | ios | 12.2\(33\)sxj | |
| cisco | ios | 12.2\(33\)sxj1 | |
| cisco | ios | 12.2\(33\)sxj2 | |
| cisco | ios | 12.2\(33\)sxj3 | |
| cisco | ios | 12.2\(33\)sxj4 | |
| cisco | ios | 12.2\(33\)sxj5 | |
| cisco | ios | 12.2\(33\)sxj6 | |
| cisco | ios | 12.2\(33\)sxj7 | |
| cisco | ios | 12.2\(33\)sxj8 | |
| cisco | ios | 12.2\(33\)sxj9 | |
| cisco | ios | 12.2\(33\)sxj10 | |
| cisco | ios | 12.2\(50\)sq | |
| cisco | ios | 12.2\(50\)sq1 | |
| cisco | ios | 12.2\(50\)sq2 | |
| cisco | ios | 12.2\(50\)sq3 | |
| cisco | ios | 12.2\(50\)sq4 | |
| cisco | ios | 12.2\(50\)sq5 | |
| cisco | ios | 12.2\(50\)sq6 | |
| cisco | ios | 12.2\(50\)sq7 | |
| cisco | ios | 12.2\(53\)ez | |
| cisco | ios | 12.2\(55\)ez | |
| cisco | ios | 12.2\(55\)se | |
| cisco | ios | 12.2\(55\)se1 | |
| cisco | ios | 12.2\(55\)se2 | |
| cisco | ios | 12.2\(55\)se3 | |
| cisco | ios | 12.2\(55\)se4 | |
| cisco | ios | 12.2\(55\)se5 | |
| cisco | ios | 12.2\(55\)se6 | |
| cisco | ios | 12.2\(55\)se7 | |
| cisco | ios | 12.2\(55\)se8 | |
| cisco | ios | 12.2\(55\)se9 | |
| cisco | ios | 12.2\(55\)se10 | |
| cisco | ios | 12.2\(55\)se11 | |
| cisco | ios | 12.2\(55\)se12 | |
| cisco | ios | 12.2\(55\)se13 | |
| cisco | ios | 12.2\(58\)ez | |
| cisco | ios | 12.2\(58\)se | |
| cisco | ios | 12.2\(58\)se1 | |
| cisco | ios | 12.2\(58\)se2 | |
| cisco | ios | 12.2\(60\)ez | |
| cisco | ios | 12.2\(60\)ez1 | |
| cisco | ios | 12.2\(60\)ez2 | |
| cisco | ios | 12.2\(60\)ez3 | |
| cisco | ios | 12.2\(60\)ez4 | |
| cisco | ios | 12.2\(60\)ez5 | |
| cisco | ios | 12.2\(60\)ez6 | |
| cisco | ios | 12.2\(60\)ez7 | |
| cisco | ios | 12.2\(60\)ez8 | |
| cisco | ios | 12.2\(60\)ez9 | |
| cisco | ios | 12.2\(60\)ez10 | |
| cisco | ios | 12.2\(60\)ez11 | |
| cisco | ios | 12.2\(60\)ez12 | |
| cisco | ios | 12.2\(60\)ez13 | |
| cisco | ios | 12.2\(60\)ez14 | |
| cisco | ios | 12.2\(60\)ez15 | |
| cisco | ios | 15.0\(1\)ey | |
| cisco | ios | 15.0\(1\)ey1 | |
| cisco | ios | 15.0\(1\)ey2 | |
| cisco | ios | 15.0\(1\)se | |
| cisco | ios | 15.0\(1\)se1 | |
| cisco | ios | 15.0\(1\)se2 | |
| cisco | ios | 15.0\(1\)se3 | |
| cisco | ios | 15.0\(1\)sy | |
| cisco | ios | 15.0\(1\)sy1 | |
| cisco | ios | 15.0\(1\)sy2 | |
| cisco | ios | 15.0\(1\)sy3 | |
| cisco | ios | 15.0\(1\)sy4 | |
| cisco | ios | 15.0\(1\)sy5 | |
| cisco | ios | 15.0\(1\)sy6 | |
| cisco | ios | 15.0\(1\)sy7 | |
| cisco | ios | 15.0\(1\)sy7a | |
| cisco | ios | 15.0\(1\)sy8 | |
| cisco | ios | 15.0\(1\)sy9 | |
| cisco | ios | 15.0\(1\)sy10 | |
| cisco | ios | 15.0\(2\)ea | |
| cisco | ios | 15.0\(2\)ea1 | |
| cisco | ios | 15.0\(2\)ej | |
| cisco | ios | 15.0\(2\)ej1 | |
| cisco | ios | 15.0\(2\)ek | |
| cisco | ios | 15.0\(2\)ek1 | |
| cisco | ios | 15.0\(2\)ey | |
| cisco | ios | 15.0\(2\)ey1 | |
| cisco | ios | 15.0\(2\)ey2 | |
| cisco | ios | 15.0\(2\)ey3 | |
| cisco | ios | 15.0\(2\)se | |
| cisco | ios | 15.0\(2\)se1 | |
| cisco | ios | 15.0\(2\)se2 | |
| cisco | ios | 15.0\(2\)se3 | |
| cisco | ios | 15.0\(2\)se4 | |
| cisco | ios | 15.0\(2\)se5 | |
| cisco | ios | 15.0\(2\)se6 | |
| cisco | ios | 15.0\(2\)se7 | |
| cisco | ios | 15.0\(2\)se8 | |
| cisco | ios | 15.0\(2\)se9 | |
| cisco | ios | 15.0\(2\)se10 | |
| cisco | ios | 15.0\(2\)se10a | |
| cisco | ios | 15.0\(2\)se11 | |
| cisco | ios | 15.0\(2\)se12 | |
| cisco | ios | 15.0\(2\)se13 | |
| cisco | ios | 15.0\(2\)sg | |
| cisco | ios | 15.0\(2\)sg1 | |
| cisco | ios | 15.0\(2\)sg2 | |
| cisco | ios | 15.0\(2\)sg3 | |
| cisco | ios | 15.0\(2\)sg4 | |
| cisco | ios | 15.0\(2\)sg5 | |
| cisco | ios | 15.0\(2\)sg6 | |
| cisco | ios | 15.0\(2\)sg7 | |
| cisco | ios | 15.0\(2\)sg8 | |
| cisco | ios | 15.0\(2\)sg9 | |
| cisco | ios | 15.0\(2\)sg10 | |
| cisco | ios | 15.0\(2\)sg11 | |
| cisco | ios | 15.0\(2\)sqd | |
| cisco | ios | 15.0\(2\)sqd1 | |
| cisco | ios | 15.0\(2\)sqd2 | |
| cisco | ios | 15.0\(2\)sqd3 | |
| cisco | ios | 15.0\(2\)sqd4 | |
| cisco | ios | 15.0\(2\)sqd5 | |
| cisco | ios | 15.0\(2\)sqd6 | |
| cisco | ios | 15.0\(2\)sqd7 | |
| cisco | ios | 15.0\(2\)sqd8 | |
| cisco | ios | 15.1\(1\)sg | |
| cisco | ios | 15.1\(1\)sg1 | |
| cisco | ios | 15.1\(1\)sg2 | |
| cisco | ios | 15.1\(1\)sy | |
| cisco | ios | 15.1\(1\)sy1 | |
| cisco | ios | 15.1\(1\)sy2 | |
| cisco | ios | 15.1\(1\)sy3 | |
| cisco | ios | 15.1\(1\)sy4 | |
| cisco | ios | 15.1\(1\)sy5 | |
| cisco | ios | 15.1\(1\)sy6 | |
| cisco | ios | 15.1\(2\)sg | |
| cisco | ios | 15.1\(2\)sg1 | |
| cisco | ios | 15.1\(2\)sg2 | |
| cisco | ios | 15.1\(2\)sg3 | |
| cisco | ios | 15.1\(2\)sg4 | |
| cisco | ios | 15.1\(2\)sg5 | |
| cisco | ios | 15.1\(2\)sg6 | |
| cisco | ios | 15.1\(2\)sg7 | |
| cisco | ios | 15.1\(2\)sg8 | |
| cisco | ios | 15.1\(2\)sy | |
| cisco | ios | 15.1\(2\)sy1 | |
| cisco | ios | 15.1\(2\)sy2 | |
| cisco | ios | 15.1\(2\)sy3 | |
| cisco | ios | 15.1\(2\)sy4 | |
| cisco | ios | 15.1\(2\)sy4a | |
| cisco | ios | 15.1\(2\)sy5 | |
| cisco | ios | 15.1\(2\)sy6 | |
| cisco | ios | 15.1\(2\)sy7 | |
| cisco | ios | 15.1\(2\)sy8 | |
| cisco | ios | 15.1\(2\)sy9 | |
| cisco | ios | 15.1\(2\)sy10 | |
| cisco | ios | 15.1\(2\)sy11 | |
| cisco | ios | 15.1\(2\)sy12 | |
| cisco | ios | 15.1\(2\)sy13 | |
| cisco | ios | 15.1\(2\)sy14 | |
| cisco | ios | 15.1\(2\)sy15 | |
| cisco | ios | 15.1\(2\)sy16 | |
| cisco | ios | 15.2\(1\)e | |
| cisco | ios | 15.2\(1\)e1 | |
| cisco | ios | 15.2\(1\)e2 | |
| cisco | ios | 15.2\(1\)e3 | |
| cisco | ios | 15.2\(1\)ey | |
| cisco | ios | 15.2\(1\)sy | |
| cisco | ios | 15.2\(1\)sy0a | |
| cisco | ios | 15.2\(1\)sy1 | |
| cisco | ios | 15.2\(1\)sy1a | |
| cisco | ios | 15.2\(1\)sy2 | |
| cisco | ios | 15.2\(1\)sy3 | |
| cisco | ios | 15.2\(1\)sy4 | |
| cisco | ios | 15.2\(1\)sy5 | |
| cisco | ios | 15.2\(1\)sy6 | |
| cisco | ios | 15.2\(1\)sy7 | |
| cisco | ios | 15.2\(1\)sy8 | |
| cisco | ios | 15.2\(2\)e | |
| cisco | ios | 15.2\(2\)e1 | |
| cisco | ios | 15.2\(2\)e2 | |
| cisco | ios | 15.2\(2\)e3 | |
| cisco | ios | 15.2\(2\)e4 | |
| cisco | ios | 15.2\(2\)e5 | |
| cisco | ios | 15.2\(2\)e5a | |
| cisco | ios | 15.2\(2\)e5b | |
| cisco | ios | 15.2\(2\)e6 | |
| cisco | ios | 15.2\(2\)e7 | |
| cisco | ios | 15.2\(2\)e8 | |
| cisco | ios | 15.2\(2\)e9 | |
| cisco | ios | 15.2\(2\)e10 | |
| cisco | ios | 15.2\(2\)ea | |
| cisco | ios | 15.2\(2\)ea1 | |
| cisco | ios | 15.2\(2\)ea2 | |
| cisco | ios | 15.2\(2\)ea3 | |
| cisco | ios | 15.2\(2\)gc | |
| cisco | ios | 15.2\(2\)jax | |
| cisco | ios | 15.2\(2\)jb | |
| cisco | ios | 15.2\(2\)jb2 | |
| cisco | ios | 15.2\(2\)jb3 | |
| cisco | ios | 15.2\(2\)jb4 | |
| cisco | ios | 15.2\(2\)jb5 | |
| cisco | ios | 15.2\(2\)jb6 | |
| cisco | ios | 15.2\(2\)sy | |
| cisco | ios | 15.2\(2\)sy1 | |
| cisco | ios | 15.2\(2\)sy2 | |
| cisco | ios | 15.2\(2\)sy3 | |
| cisco | ios | 15.2\(2a\)e1 | |
| cisco | ios | 15.2\(2a\)e2 | |
| cisco | ios | 15.2\(3\)e | |
| cisco | ios | 15.2\(3\)e1 | |
| cisco | ios | 15.2\(3\)e2 | |
| cisco | ios | 15.2\(3\)e3 | |
| cisco | ios | 15.2\(3\)e4 | |
| cisco | ios | 15.2\(3\)ea | |
| cisco | ios | 15.2\(3\)gc | |
| cisco | ios | 15.2\(3\)gc1 | |
| cisco | ios | 15.2\(3a\)e | |
| cisco | ios | 15.2\(4\)e | |
| cisco | ios | 15.2\(4\)e1 | |
| cisco | ios | 15.2\(4\)e2 | |
| cisco | ios | 15.2\(4\)e3 | |
| cisco | ios | 15.2\(4\)e4 | |
| cisco | ios | 15.2\(4\)e5 | |
| cisco | ios | 15.2\(4\)e6 | |
| cisco | ios | 15.2\(4\)e7 | |
| cisco | ios | 15.2\(4\)e8 | |
| cisco | ios | 15.2\(4\)e9 | |
| cisco | ios | 15.2\(4\)e10 | |
| cisco | ios | 15.2\(4\)e10a | |
| cisco | ios | 15.2\(4\)e10d | |
| cisco | ios | 15.2\(4\)ea | |
| cisco | ios | 15.2\(4\)ea1 | |
| cisco | ios | 15.2\(4\)ea3 | |
| cisco | ios | 15.2\(4\)ea4 | |
| cisco | ios | 15.2\(4\)ea5 | |
| cisco | ios | 15.2\(4\)ea6 | |
| cisco | ios | 15.2\(4\)ea7 | |
| cisco | ios | 15.2\(4\)ea8 | |
| cisco | ios | 15.2\(4\)ea9 | |
| cisco | ios | 15.2\(4\)ea9a | |
| cisco | ios | 15.2\(4\)ec1 | |
| cisco | ios | 15.2\(4\)ec2 | |
| cisco | ios | 15.2\(4\)gc | |
| cisco | ios | 15.2\(4\)gc1 | |
| cisco | ios | 15.2\(4\)gc2 | |
| cisco | ios | 15.2\(4\)gc3 | |
| cisco | ios | 15.2\(4\)jb | |
| cisco | ios | 15.2\(4\)jb1 | |
| cisco | ios | 15.2\(4\)jb2 | |
| cisco | ios | 15.2\(4\)jb3 | |
| cisco | ios | 15.2\(4\)jb3a | |
| cisco | ios | 15.2\(4\)jb3b | |
| cisco | ios | 15.2\(4\)jb3h | |
| cisco | ios | 15.2\(4\)jb4 | |
| cisco | ios | 15.2\(4\)jb5 | |
| cisco | ios | 15.2\(4\)jb6 | |
| cisco | ios | 15.2\(4\)jn | |
| cisco | ios | 15.2\(4\)m | |
| cisco | ios | 15.2\(4\)m1 | |
| cisco | ios | 15.2\(4\)m2 | |
| cisco | ios | 15.2\(4\)m3 | |
| cisco | ios | 15.2\(4\)m4 | |
| cisco | ios | 15.2\(4\)m5 | |
| cisco | ios | 15.2\(4\)m6 | |
| cisco | ios | 15.2\(4\)m6a | |
| cisco | ios | 15.2\(4\)m7 | |
| cisco | ios | 15.2\(4\)m8 | |
| cisco | ios | 15.2\(4\)m9 | |
| cisco | ios | 15.2\(4\)m10 | |
| cisco | ios | 15.2\(4\)m11 | |
| cisco | ios | 15.2\(5\)e | |
| cisco | ios | 15.2\(5\)e1 | |
| cisco | ios | 15.2\(5\)e2 | |
| cisco | ios | 15.2\(5\)e2c | |
| cisco | ios | 15.2\(5\)ea | |
| cisco | ios | 15.2\(5\)ex | |
| cisco | ios | 15.2\(5a\)e | |
| cisco | ios | 15.2\(5a\)e1 | |
| cisco | ios | 15.2\(5b\)e | |
| cisco | ios | 15.2\(5c\)e | |
| cisco | ios | 15.2\(6\)e | |
| cisco | ios | 15.2\(6\)e0a | |
| cisco | ios | 15.2\(6\)e0c | |
| cisco | ios | 15.2\(6\)e1 | |
| cisco | ios | 15.2\(6\)e2 | |
| cisco | ios | 15.2\(6\)e2a | |
| cisco | ios | 15.2\(6\)e2b | |
| cisco | ios | 15.2\(6\)e3 | |
| cisco | ios | 15.2\(7\)e | |
| cisco | ios | 15.2\(7\)e0a | |
| cisco | ios | 15.2\(7\)e0b | |
| cisco | ios | 15.2\(7\)e0s | |
| cisco | ios | 15.2\(7\)e1 | |
| cisco | ios | 15.2\(7\)e1a | |
| cisco | ios | 15.2\(7\)e2 | |
| cisco | ios | 15.2\(7\)e2a | |
| cisco | ios | 15.2\(7\)e3 | |
| cisco | ios | 15.2\(7\)e3k | |
| cisco | ios | 15.2\(7\)e4 | |
| cisco | ios | 15.2\(7\)e5 | |
| cisco | ios | 15.2\(7\)e6 | |
| cisco | ios | 15.2\(7\)e7 | |
| cisco | ios | 15.2\(7\)e8 | |
| cisco | ios | 15.2\(7\)e9 | |
| cisco | ios | 15.2\(7\)e10 | |
| cisco | ios | 15.2\(7\)e11 | |
| cisco | ios | 15.2\(7\)e12 | |
| cisco | ios | 15.2\(7a\)e0b | |
| cisco | ios | 15.2\(7b\)e0b | |
| cisco | ios | 15.2\(8\)e | |
| cisco | ios | 15.2\(8\)e1 | |
| cisco | ios | 15.2\(8\)e2 | |
| cisco | ios | 15.2\(8\)e3 | |
| cisco | ios | 15.2\(8\)e4 | |
| cisco | ios | 15.2\(8\)e5 | |
| cisco | ios | 15.2\(8\)e6 | |
| cisco | ios | 15.2\(8\)e7 | |
| cisco | ios | 15.3\(1\)sy | |
| cisco | ios | 15.3\(1\)sy1 | |
| cisco | ios | 15.3\(1\)sy2 | |
| cisco | ios | 15.3\(1\)t | |
| cisco | ios | 15.3\(1\)t1 | |
| cisco | ios | 15.3\(1\)t2 | |
| cisco | ios | 15.3\(1\)t3 | |
| cisco | ios | 15.3\(1\)t4 | |
| cisco | ios | 15.3\(2\)t | |
| cisco | ios | 15.3\(2\)t1 | |
| cisco | ios | 15.3\(2\)t2 | |
| cisco | ios | 15.3\(2\)t3 | |
| cisco | ios | 15.3\(2\)t4 | |
| cisco | ios | 15.3\(3\)ja1 | |
| cisco | ios | 15.3\(3\)ja1m | |
| cisco | ios | 15.3\(3\)ja4 | |
| cisco | ios | 15.3\(3\)ja5 | |
| cisco | ios | 15.3\(3\)ja6 | |
| cisco | ios | 15.3\(3\)ja7 | |
| cisco | ios | 15.3\(3\)ja8 | |
| cisco | ios | 15.3\(3\)ja10 | |
| cisco | ios | 15.3\(3\)ja11 | |
| cisco | ios | 15.3\(3\)ja12 | |
| cisco | ios | 15.3\(3\)jaa | |
| cisco | ios | 15.3\(3\)jaa11 | |
| cisco | ios | 15.3\(3\)jaa12 | |
| cisco | ios | 15.3\(3\)jab | |
| cisco | ios | 15.3\(3\)jax | |
| cisco | ios | 15.3\(3\)jax1 | |
| cisco | ios | 15.3\(3\)jax2 | |
| cisco | ios | 15.3\(3\)jb | |
| cisco | ios | 15.3\(3\)jbb | |
| cisco | ios | 15.3\(3\)jbb1 | |
| cisco | ios | 15.3\(3\)jbb2 | |
| cisco | ios | 15.3\(3\)jbb4 | |
| cisco | ios | 15.3\(3\)jbb5 | |
| cisco | ios | 15.3\(3\)jbb6 | |
| cisco | ios | 15.3\(3\)jbb6a | |
| cisco | ios | 15.3\(3\)jbb8 | |
| cisco | ios | 15.3\(3\)jc | |
| cisco | ios | 15.3\(3\)jc1 | |
| cisco | ios | 15.3\(3\)jc2 | |
| cisco | ios | 15.3\(3\)jc3 | |
| cisco | ios | 15.3\(3\)jc4 | |
| cisco | ios | 15.3\(3\)jc5 | |
| cisco | ios | 15.3\(3\)jc6 | |
| cisco | ios | 15.3\(3\)jc8 | |
| cisco | ios | 15.3\(3\)jc9 | |
| cisco | ios | 15.3\(3\)jc14 | |
| cisco | ios | 15.3\(3\)jca7 | |
| cisco | ios | 15.3\(3\)jca8 | |
| cisco | ios | 15.3\(3\)jca9 | |
| cisco | ios | 15.3\(3\)jd | |
| cisco | ios | 15.3\(3\)jd2 | |
| cisco | ios | 15.3\(3\)jd3 | |
| cisco | ios | 15.3\(3\)jd4 | |
| cisco | ios | 15.3\(3\)jd5 | |
| cisco | ios | 15.3\(3\)jd6 | |
| cisco | ios | 15.3\(3\)jd7 | |
| cisco | ios | 15.3\(3\)jd8 | |
| cisco | ios | 15.3\(3\)jd9 | |
| cisco | ios | 15.3\(3\)jd11 | |
| cisco | ios | 15.3\(3\)jd13 | |
| cisco | ios | 15.3\(3\)jd14 | |
| cisco | ios | 15.3\(3\)jd16 | |
| cisco | ios | 15.3\(3\)jd17 | |
| cisco | ios | 15.3\(3\)jda7 | |
| cisco | ios | 15.3\(3\)jda8 | |
| cisco | ios | 15.3\(3\)jda9 | |
| cisco | ios | 15.3\(3\)jda11 | |
| cisco | ios | 15.3\(3\)jda13 | |
| cisco | ios | 15.3\(3\)jda14 | |
| cisco | ios | 15.3\(3\)jda16 | |
| cisco | ios | 15.3\(3\)jda17 | |
| cisco | ios | 15.3\(3\)je | |
| cisco | ios | 15.3\(3\)jf | |
| cisco | ios | 15.3\(3\)jf1 | |
| cisco | ios | 15.3\(3\)jf2 | |
| cisco | ios | 15.3\(3\)jf4 | |
| cisco | ios | 15.3\(3\)jf5 | |
| cisco | ios | 15.3\(3\)jf6 | |
| cisco | ios | 15.3\(3\)jf7 | |
| cisco | ios | 15.3\(3\)jf8 | |
| cisco | ios | 15.3\(3\)jf9 | |
| cisco | ios | 15.3\(3\)jf10 | |
| cisco | ios | 15.3\(3\)jf11 | |
| cisco | ios | 15.3\(3\)jf12 | |
| cisco | ios | 15.3\(3\)jf12i | |
| cisco | ios | 15.3\(3\)jf14 | |
| cisco | ios | 15.3\(3\)jf14i | |
| cisco | ios | 15.3\(3\)jf15 | |
| cisco | ios | 15.3\(3\)jg | |
| cisco | ios | 15.3\(3\)jg1 | |
| cisco | ios | 15.3\(3\)jh | |
| cisco | ios | 15.3\(3\)jh1 | |
| cisco | ios | 15.3\(3\)ji1 | |
| cisco | ios | 15.3\(3\)ji3 | |
| cisco | ios | 15.3\(3\)ji4 | |
| cisco | ios | 15.3\(3\)ji5 | |
| cisco | ios | 15.3\(3\)ji6 | |
| cisco | ios | 15.3\(3\)jj | |
| cisco | ios | 15.3\(3\)jj1 | |
| cisco | ios | 15.3\(3\)jk | |
| cisco | ios | 15.3\(3\)jk1 | |
| cisco | ios | 15.3\(3\)jk1t | |
| cisco | ios | 15.3\(3\)jk2 | |
| cisco | ios | 15.3\(3\)jk2a | |
| cisco | ios | 15.3\(3\)jk3 | |
| cisco | ios | 15.3\(3\)jk4 | |
| cisco | ios | 15.3\(3\)jk5 | |
| cisco | ios | 15.3\(3\)jk6 | |
| cisco | ios | 15.3\(3\)jk7 | |
| cisco | ios | 15.3\(3\)jk8 | |
| cisco | ios | 15.3\(3\)jk8a | |
| cisco | ios | 15.3\(3\)jk8b | |
| cisco | ios | 15.3\(3\)jk9 | |
| cisco | ios | 15.3\(3\)jk10 | |
| cisco | ios | 15.3\(3\)jk11 | |
| cisco | ios | 15.3\(3\)jn3 | |
| cisco | ios | 15.3\(3\)jn4 | |
| cisco | ios | 15.3\(3\)jn7 | |
| cisco | ios | 15.3\(3\)jn8 | |
| cisco | ios | 15.3\(3\)jn9 | |
| cisco | ios | 15.3\(3\)jnb | |
| cisco | ios | 15.3\(3\)jnb1 | |
| cisco | ios | 15.3\(3\)jnb2 | |
| cisco | ios | 15.3\(3\)jnb3 | |
| cisco | ios | 15.3\(3\)jnb4 | |
| cisco | ios | 15.3\(3\)jnb5 | |
| cisco | ios | 15.3\(3\)jnb6 | |
| cisco | ios | 15.3\(3\)jnc | |
| cisco | ios | 15.3\(3\)jnc1 | |
| cisco | ios | 15.3\(3\)jnc4 | |
| cisco | ios | 15.3\(3\)jnd | |
| cisco | ios | 15.3\(3\)jnd1 | |
| cisco | ios | 15.3\(3\)jnd2 | |
| cisco | ios | 15.3\(3\)jnd3 | |
| cisco | ios | 15.3\(3\)jnp | |
| cisco | ios | 15.3\(3\)jnp1 | |
| cisco | ios | 15.3\(3\)jnp3 | |
| cisco | ios | 15.3\(3\)jpb | |
| cisco | ios | 15.3\(3\)jpb1 | |
| cisco | ios | 15.3\(3\)jpc | |
| cisco | ios | 15.3\(3\)jpc1 | |
| cisco | ios | 15.3\(3\)jpc2 | |
| cisco | ios | 15.3\(3\)jpc3 | |
| cisco | ios | 15.3\(3\)jpc5 | |
| cisco | ios | 15.3\(3\)jpd | |
| cisco | ios | 15.3\(3\)jpi1 | |
| cisco | ios | 15.3\(3\)jpi1t | |
| cisco | ios | 15.3\(3\)jpi4 | |
| cisco | ios | 15.3\(3\)jpi5 | |
| cisco | ios | 15.3\(3\)jpi6a | |
| cisco | ios | 15.3\(3\)jpi7 | |
| cisco | ios | 15.3\(3\)jpi8a | |
| cisco | ios | 15.3\(3\)jpi9 | |
| cisco | ios | 15.3\(3\)jpi10 | |
| cisco | ios | 15.3\(3\)jpj2 | |
| cisco | ios | 15.3\(3\)jpj2t | |
| cisco | ios | 15.3\(3\)jpj3 | |
| cisco | ios | 15.3\(3\)jpj3a | |
| cisco | ios | 15.3\(3\)jpj4 | |
| cisco | ios | 15.3\(3\)jpj5 | |
| cisco | ios | 15.3\(3\)jpj6 | |
| cisco | ios | 15.3\(3\)jpj7 | |
| cisco | ios | 15.3\(3\)jpj7c | |
| cisco | ios | 15.3\(3\)jpj8a | |
| cisco | ios | 15.3\(3\)jpj9 | |
| cisco | ios | 15.3\(3\)jpj10 | |
| cisco | ios | 15.3\(3\)jpj11 | |
| cisco | ios | 15.3\(3\)jpk | |
| cisco | ios | 15.3\(3\)jpk1 | |
| cisco | ios | 15.3\(3\)jpk2 | |
| cisco | ios | 15.3\(3\)jpk3 | |
| cisco | ios | 15.3\(3\)jpk4 | |
| cisco | ios | 15.3\(3\)jpk5 | |
| cisco | ios | 15.3\(3\)jpk6 | |
| cisco | ios | 15.3\(3\)jpk7 | |
| cisco | ios | 15.3\(3\)jpk8 | |
| cisco | ios | 15.3\(3\)jpk9 | |
| cisco | ios | 15.3\(3\)jpl | |
| cisco | ios | 15.3\(3\)jpm | |
| cisco | ios | 15.3\(3\)jpn | |
| cisco | ios | 15.3\(3\)jpn1 | |
| cisco | ios | 15.3\(3\)jpn2 | |
| cisco | ios | 15.3\(3\)jpn3 | |
| cisco | ios | 15.3\(3\)jpn4 | |
| cisco | ios | 15.3\(3\)jpn5 | |
| cisco | ios | 15.3\(3\)jpn6 | |
| cisco | ios | 15.3\(3\)jpo | |
| cisco | ios | 15.3\(3\)jpp | |
| cisco | ios | 15.3\(3\)jpq | |
| cisco | ios | 15.3\(3\)jpq1 | |
| cisco | ios | 15.3\(3\)jpq2 | |
| cisco | ios | 15.3\(3\)jpq3 | |
| cisco | ios | 15.3\(3\)jpq4 | |
| cisco | ios | 15.3\(3\)jpq5 | |
| cisco | ios | 15.3\(3\)jpr | |
| cisco | ios | 15.3\(3\)jps | |
| cisco | ios | 15.3\(3\)jpt | |
| cisco | ios | 15.3\(3\)jpt1 | |
| cisco | ios | 15.3\(3\)jpt2 | |
| cisco | ios | 15.3\(3\)m | |
| cisco | ios | 15.3\(3\)m1 | |
| cisco | ios | 15.3\(3\)m2 | |
| cisco | ios | 15.3\(3\)m3 | |
| cisco | ios | 15.3\(3\)m4 | |
| cisco | ios | 15.3\(3\)m5 | |
| cisco | ios | 15.3\(3\)m6 | |
| cisco | ios | 15.3\(3\)m7 | |
| cisco | ios | 15.3\(3\)m8 | |
| cisco | ios | 15.3\(3\)m8a | |
| cisco | ios | 15.3\(3\)m9 | |
| cisco | ios | 15.3\(3\)m10 | |
| cisco | ios | 15.4\(1\)cg | |
| cisco | ios | 15.4\(1\)cg1 | |
| cisco | ios | 15.4\(1\)sy | |
| cisco | ios | 15.4\(1\)sy1 | |
| cisco | ios | 15.4\(1\)sy2 | |
| cisco | ios | 15.4\(1\)sy3 | |
| cisco | ios | 15.4\(1\)sy4 | |
| cisco | ios | 15.4\(1\)t | |
| cisco | ios | 15.4\(1\)t1 | |
| cisco | ios | 15.4\(1\)t2 | |
| cisco | ios | 15.4\(1\)t3 | |
| cisco | ios | 15.4\(1\)t4 | |
| cisco | ios | 15.4\(2\)cg | |
| cisco | ios | 15.4\(2\)t | |
| cisco | ios | 15.4\(2\)t1 | |
| cisco | ios | 15.4\(2\)t2 | |
| cisco | ios | 15.4\(2\)t3 | |
| cisco | ios | 15.4\(2\)t4 | |
| cisco | ios | 15.5\(1\)s | |
| cisco | ios | 15.5\(1\)s1 | |
| cisco | ios | 15.5\(1\)s2 | |
| cisco | ios | 15.5\(1\)s3 | |
| cisco | ios | 15.5\(1\)s4 | |
| cisco | ios | 15.5\(1\)sy | |
| cisco | ios | 15.5\(1\)sy1 | |
| cisco | ios | 15.5\(1\)sy2 | |
| cisco | ios | 15.5\(1\)sy3 | |
| cisco | ios | 15.5\(1\)sy4 | |
| cisco | ios | 15.5\(1\)sy5 | |
| cisco | ios | 15.5\(1\)sy6 | |
| cisco | ios | 15.5\(1\)sy7 | |
| cisco | ios | 15.5\(1\)sy8 | |
| cisco | ios | 15.5\(1\)sy9 | |
| cisco | ios | 15.5\(1\)sy10 | |
| cisco | ios | 15.5\(1\)sy11 | |
| cisco | ios | 15.5\(1\)sy12 | |
| cisco | ios | 15.5\(1\)sy13 | |
| cisco | ios | 15.5\(1\)sy14 | |
| cisco | ios | 15.5\(1\)sy15 | |
| cisco | ios | 15.5\(1\)t | |
| cisco | ios | 15.5\(1\)t1 | |
| cisco | ios | 15.5\(1\)t2 | |
| cisco | ios | 15.5\(1\)t3 | |
| cisco | ios | 15.5\(1\)t4 | |
| cisco | ios | 15.5\(2\)s | |
| cisco | ios | 15.5\(2\)s1 | |
| cisco | ios | 15.5\(2\)s2 | |
| cisco | ios | 15.5\(2\)s3 | |
| cisco | ios | 15.5\(2\)s4 | |
| cisco | ios | 15.5\(2\)t | |
| cisco | ios | 15.5\(2\)t1 | |
| cisco | ios | 15.5\(2\)t2 | |
| cisco | ios | 15.5\(2\)t3 | |
| cisco | ios | 15.5\(2\)t4 | |
| cisco | ios | 15.5\(3\)m | |
| cisco | ios | 15.5\(3\)m0a | |
| cisco | ios | 15.5\(3\)m1 | |
| cisco | ios | 15.5\(3\)m2 | |
| cisco | ios | 15.5\(3\)m3 | |
| cisco | ios | 15.5\(3\)m4 | |
| cisco | ios | 15.5\(3\)m4a | |
| cisco | ios | 15.5\(3\)m5 | |
| cisco | ios | 15.5\(3\)m6 | |
| cisco | ios | 15.5\(3\)m6a | |
| cisco | ios | 15.5\(3\)m7 | |
| cisco | ios | 15.5\(3\)m8 | |
| cisco | ios | 15.5\(3\)m9 | |
| cisco | ios | 15.5\(3\)m10 | |
| cisco | ios | 15.5\(3\)s | |
| cisco | ios | 15.5\(3\)s0a | |
| cisco | ios | 15.5\(3\)s1 | |
| cisco | ios | 15.5\(3\)s1a | |
| cisco | ios | 15.5\(3\)s2 | |
| cisco | ios | 15.5\(3\)s3 | |
| cisco | ios | 15.5\(3\)s4 | |
| cisco | ios | 15.5\(3\)s5 | |
| cisco | ios | 15.5\(3\)s6 | |
| cisco | ios | 15.5\(3\)s6a | |
| cisco | ios | 15.5\(3\)s6b | |
| cisco | ios | 15.5\(3\)s7 | |
| cisco | ios | 15.5\(3\)s8 | |
| cisco | ios | 15.5\(3\)s9 | |
| cisco | ios | 15.5\(3\)s9a | |
| cisco | ios | 15.5\(3\)s10 | |
| cisco | ios | 15.5\(3\)sn | |
| cisco | ios | 15.6\(1\)s | |
| cisco | ios | 15.6\(1\)s1 | |
| cisco | ios | 15.6\(1\)s2 | |
| cisco | ios | 15.6\(1\)s3 | |
| cisco | ios | 15.6\(1\)s4 | |
| cisco | ios | 15.6\(1\)t | |
| cisco | ios | 15.6\(1\)t0a | |
| cisco | ios | 15.6\(1\)t1 | |
| cisco | ios | 15.6\(1\)t2 | |
| cisco | ios | 15.6\(1\)t3 | |
| cisco | ios | 15.6\(2\)s | |
| cisco | ios | 15.6\(2\)s1 | |
| cisco | ios | 15.6\(2\)s2 | |
| cisco | ios | 15.6\(2\)s3 | |
| cisco | ios | 15.6\(2\)s4 | |
| cisco | ios | 15.6\(2\)sn | |
| cisco | ios | 15.6\(2\)sp | |
| cisco | ios | 15.6\(2\)sp1 | |
| cisco | ios | 15.6\(2\)sp2 | |
| cisco | ios | 15.6\(2\)sp3 | |
| cisco | ios | 15.6\(2\)sp4 | |
| cisco | ios | 15.6\(2\)sp5 | |
| cisco | ios | 15.6\(2\)sp6 | |
| cisco | ios | 15.6\(2\)sp7 | |
| cisco | ios | 15.6\(2\)sp8 | |
| cisco | ios | 15.6\(2\)sp9 | |
| cisco | ios | 15.6\(2\)t | |
| cisco | ios | 15.6\(2\)t1 | |
| cisco | ios | 15.6\(2\)t2 | |
| cisco | ios | 15.6\(2\)t3 | |
| cisco | ios | 15.6\(3\)m | |
| cisco | ios | 15.6\(3\)m0a | |
| cisco | ios | 15.6\(3\)m1 | |
| cisco | ios | 15.6\(3\)m1b | |
| cisco | ios | 15.6\(3\)m2 | |
| cisco | ios | 15.6\(3\)m2a | |
| cisco | ios | 15.6\(3\)m3 | |
| cisco | ios | 15.6\(3\)m3a | |
| cisco | ios | 15.6\(3\)m4 | |
| cisco | ios | 15.6\(3\)m5 | |
| cisco | ios | 15.6\(3\)m6 | |
| cisco | ios | 15.6\(3\)m6a | |
| cisco | ios | 15.6\(3\)m6b | |
| cisco | ios | 15.6\(3\)m7 | |
| cisco | ios | 15.6\(3\)m8 | |
| cisco | ios | 15.6\(3\)m9 | |
| cisco | ios | 15.7\(3\)m | |
| cisco | ios | 15.7\(3\)m0a | |
| cisco | ios | 15.7\(3\)m1 | |
| cisco | ios | 15.7\(3\)m2 | |
| cisco | ios | 15.7\(3\)m3 | |
| cisco | ios | 15.7\(3\)m4 | |
| cisco | ios | 15.7\(3\)m4a | |
| cisco | ios | 15.7\(3\)m4b | |
| cisco | ios | 15.7\(3\)m5 | |
| cisco | ios | 15.7\(3\)m6 | |
| cisco | ios | 15.7\(3\)m7 | |
| cisco | ios | 15.7\(3\)m8 | |
| cisco | ios | 15.7\(3\)m9 | |
| cisco | ios | 15.8\(3\)m | |
| cisco | ios | 15.8\(3\)m0a | |
| cisco | ios | 15.8\(3\)m0b | |
| cisco | ios | 15.8\(3\)m1 | |
| cisco | ios | 15.8\(3\)m1a | |
| cisco | ios | 15.8\(3\)m2 | |
| cisco | ios | 15.8\(3\)m2a | |
| cisco | ios | 15.8\(3\)m3 | |
| cisco | ios | 15.8\(3\)m3a | |
| cisco | ios | 15.8\(3\)m3b | |
| cisco | ios | 15.8\(3\)m4 | |
| cisco | ios | 15.8\(3\)m5 | |
| cisco | ios | 15.8\(3\)m6 | |
| cisco | ios | 15.8\(3\)m7 | |
| cisco | ios | 15.8\(3\)m8 | |
| cisco | ios | 15.8\(3\)m9 | |
| cisco | ios | 15.9\(3\)m | |
| cisco | ios | 15.9\(3\)m0a | |
| cisco | ios | 15.9\(3\)m1 | |
| cisco | ios | 15.9\(3\)m2 | |
| cisco | ios | 15.9\(3\)m2a | |
| cisco | ios | 15.9\(3\)m3 | |
| cisco | ios | 15.9\(3\)m3a | |
| cisco | ios | 15.9\(3\)m3b | |
| cisco | ios | 15.9\(3\)m4 | |
| cisco | ios | 15.9\(3\)m4a | |
| cisco | ios | 15.9\(3\)m5 | |
| cisco | ios | 15.9\(3\)m6 | |
| cisco | ios | 15.9\(3\)m6a | |
| cisco | ios | 15.9\(3\)m6b | |
| cisco | ios | 15.9\(3\)m7 | |
| cisco | ios | 15.9\(3\)m7a | |
| cisco | ios | 15.9\(3\)m8 | |
| cisco | ios | 15.9\(3\)m8b | |
| cisco | ios | 15.9\(3\)m9 | |
| cisco | ios | 15.9\(3\)m10 | |
| cisco | ios | 15.9\(3\)m11 |
{
"cisaActionDue": "2025-10-20",
"cisaExploitAdd": "2025-09-29",
"cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A45A569-C122-4474-BE14-AF7BA71736BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC516F4-F6DD-460D-BBC4-DD32CC0F1180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD04C1FB-F8F8-486A-9E2F-EB01856B1C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "156D51A0-506C-47FD-BF45-955C1B881976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23468BBF-F5AB-4924-A084-F065BB02BF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A03544C9-6037-4D88-8D0E-513DFCB4CC13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B681843-64AE-4987-B94A-DD9A915846CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "C022D72E-D7E5-4910-8D0A-D488348D10D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F49E6EE-95D6-4419-BDC7-274F30C53886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B56C494-9925-46DE-B1FA-3D1C46093F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BA375C35-61CC-4123-967C-1E4B40673D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C32EAF-90A1-4391-B82D-A1F8E6A83E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA58A8E-D63E-4276-BB92-35B7F4D2760E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "54C51F43-FDA7-4F87-9EA7-3049E6EA17B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "36994E4F-2207-4CD6-8605-9A7D641AC769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF6B43E-2EB9-4D74-8C92-6D5AFDFECF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.2r:*:*:*:*:*:*:*",
"matchCriteriaId": "7050DADE-B994-4A5E-A093-EAB6FEF0B3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "85FE74B7-E21A-4E99-BD60-37BC4C10BD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A81BD856-D376-46EA-9C6E-48DA6C5EA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "EE89B334-1927-4359-9CA6-9EFF4A247949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89E31772-E8D3-4BC8-B337-B33BCAC4C750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "C14EB390-BA15-45C9-B971-D66CD98B0EDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0sq:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCF5A7C-202D-44F8-97D3-694F876050D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "748C5458-8F16-4DA4-8BDE-D00BF42DC8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1sq:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EA559D-5184-4E19-8A32-ECA41C930AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "2B82207E-7E19-4E0A-93E6-C631897793D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2sq:*:*:*:*:*:*:*",
"matchCriteriaId": "716D8805-D461-4066-9BFD-1EA895E4B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A02F04-6717-403D-8A6B-B365F74DEE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.3sq:*:*:*:*:*:*:*",
"matchCriteriaId": "7150819E-EFB5-4224-975C-84EDBBB2881D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.4sq:*:*:*:*:*:*:*",
"matchCriteriaId": "E81F4068-35A1-4712-9B88-F6E574B2DE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.5sq:*:*:*:*:*:*:*",
"matchCriteriaId": "28DDB45D-1B19-4FAB-B985-F8E5D38A3ED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.6sq:*:*:*:*:*:*:*",
"matchCriteriaId": "29794A8C-B1CC-492F-9A68-02EEE994743B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.7sq:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBBDA12-AF2E-400B-979D-3657F1F2C15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.8sq:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7F55DC-38F5-4B19-A699-90E1D302A04B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "455DAAB8-83B4-44B9-B2F7-2DC9EA796898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "5F462360-3597-420B-ACB8-44A6F622C8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2ae:*:*:*:*:*:*:*",
"matchCriteriaId": "39DED4C1-E7AF-48E0-8B1A-839A87E52992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "96CA4E70-28BE-434C-811A-C16474CFD87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "E77A9A46-517E-467B-A702-E6F6DD9FCD96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "AD485792-290B-4553-AAB2-DA7427DE7131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.5ae:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7139C7-3C02-46C9-8F89-CB517A706CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "0D365DFD-C99B-4F33-9A90-1162C7A4D3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "671F6847-6855-41BF-A148-944AEEB32A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.7be:*:*:*:*:*:*:*",
"matchCriteriaId": "A7CC0497-24F5-42ED-99A6-4C8642F73F08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.7e:*:*:*:*:*:*:*",
"matchCriteriaId": "120DA9BF-1153-41C8-B80D-3F99E0E28A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.8e:*:*:*:*:*:*:*",
"matchCriteriaId": "89812FA8-230C-4F62-8AA8-7F13FA86B805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.9e:*:*:*:*:*:*:*",
"matchCriteriaId": "9D17DB28-2559-4837-8B4B-7CC722D73324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.10e:*:*:*:*:*:*:*",
"matchCriteriaId": "D92991EE-BB4A-499D-8F14-F7D0E32BE31E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "A56AE607-0AD0-487A-A266-C15EAF40F2CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "5F8B8DBC-F273-4ADE-97F4-584DE23F1CEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "705971E9-7FB4-43EA-A1AE-C91865EADE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "F481A851-D607-4CEF-87C5-147FFBC97D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "355F4945-4FFA-469F-A799-815F371C637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "1432B59F-5A66-4A5A-B3F7-E297700ED9C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "013DD522-1561-4468-A350-C872B78FC291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "6907E1FE-760E-4557-A472-1A1F0052B82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "62291CDD-A775-44B4-85F3-CE1D494F55FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "658EDFE2-6EC8-4DD3-AACA-C168F942712A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBE369-81ED-4C94-8C44-53C6F4A087CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.5ae:*:*:*:*:*:*:*",
"matchCriteriaId": "90005E78-413A-47D7-82B3-A3011E6B118D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "D764D126-4604-43DD-9A66-BDD32565D893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "EA25E3C0-24C1-479C-8C8F-A6FB9C5002FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.7e:*:*:*:*:*:*:*",
"matchCriteriaId": "06067D8B-79BD-4982-909F-7C08BE5660C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.8e:*:*:*:*:*:*:*",
"matchCriteriaId": "8EAFB8DA-F9EC-4A42-A663-1BB4EF8F5E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.9e:*:*:*:*:*:*:*",
"matchCriteriaId": "672B77C7-0E6B-496D-9ACC-6AD965319B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.10e:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA1D885-2270-4370-9F3F-CA80B0E96DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "B9EC727B-AF92-460D-B61D-F45ECEEE5D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "D5604A84-8240-45B6-9027-B03AA549CD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9846AE-1344-4EE4-9FDF-6CE17D9461FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0ce:*:*:*:*:*:*:*",
"matchCriteriaId": "3363DF79-8A5A-4BE2-B04C-253A4A3A0ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "25725655-EBDE-4538-8AE1-CF5C81F09C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4E206B-37BF-4D61-BE90-80BB65C0C582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "4117E2EC-F58A-4B22-AB72-FC63A0D96E7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "20286676-70FF-471C-9612-74E5F0ECB8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "F327F7D0-93E8-4005-9ECB-44852C16BB4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.1ae:*:*:*:*:*:*:*",
"matchCriteriaId": "27252883-091A-471D-87FC-E07EADBC6FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF9D58E-CD75-47B1-938C-B5C0A73E28FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C340CE-7F18-448B-B9BE-BFEB1724C882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.3ae:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C1CA89-0FE4-4DC3-BB4B-299114E172AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "5F79BC92-0869-447C-AF34-3FBF42375D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "4615A652-96A3-4809-94C0-7B7BF607B519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "4A31B2A2-E88A-49AA-B187-3EA91CB8842A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "1B26F38B-B72E-4BB7-B9FB-18C8AF92E05A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.7e:*:*:*:*:*:*:*",
"matchCriteriaId": "1D58A513-5A75-48C1-9B9E-FAD0C30AC5DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.8e:*:*:*:*:*:*:*",
"matchCriteriaId": "BD133FF7-A5D6-4463-94DC-7A4642610591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.9e:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7C7D72-DC07-4FEA-939B-1D1323A3E6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.10e:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBA92E2-5219-40B7-8D80-0B4C796DCDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.11e:*:*:*:*:*:*:*",
"matchCriteriaId": "4F70C64B-04FF-49EC-A58D-08729831298C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.12e:*:*:*:*:*:*:*",
"matchCriteriaId": "334B45D5-14FE-4FB1-9A06-553B7E860D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9247665-BBE7-4DEF-B97B-4981A0EA5CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "E61E0102-B9B6-41F4-9041-0A5F144D849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "2A076E1F-3457-410A-8AB6-64416ECB20A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD93CD1-4188-40B7-A20E-9C3FE8344A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "2972E680-5A19-4858-9B35-0B959ED319A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BFE916-916F-4936-A331-21A0E8193920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EC9A19-26E6-4E69-B4E7-852CB6327EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5484A4-D116-4B79-8369-47979E20AACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
"matchCriteriaId": "5568EABF-8F43-4A87-8DE4-A03E9065BE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*",
"matchCriteriaId": "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "D3822447-EB80-4DF2-B7F2-471F55BA99C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0B441A-3A09-4A58-8A40-D463003A50BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2bs:*:*:*:*:*:*:*",
"matchCriteriaId": "51E1A64A-204D-4567-A2DC-EFEB2AE62B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "970FD986-6D0E-441C-9BF3-C66A25763A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEFD3AD-EFA2-4808-801E-B98E4C63AA76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "1826C997-6D5D-480E-A12E-3048B6C61216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4as:*:*:*:*:*:*:*",
"matchCriteriaId": "5D136C95-F837-49AD-82B3-81C25F68D0EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4bs:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B3F96-B342-4AFC-A511-7A735B961ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4ds:*:*:*:*:*:*:*",
"matchCriteriaId": "DED2D791-4142-4B9E-8401-6B63357536B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBEF4B2-EA12-445A-823E-E0E5343A405E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "844E7CEC-5CB6-47AE-95F7-75693347C08E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6bs:*:*:*:*:*:*:*",
"matchCriteriaId": "E50A67CE-EB1C-4BFA-AB40-BCF6CDF168BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "147A245E-9A5D-4178-A1AC-5B0D41C3B730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7as:*:*:*:*:*:*:*",
"matchCriteriaId": "169D71B3-1CCE-4526-8D91-048212EEDF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7bs:*:*:*:*:*:*:*",
"matchCriteriaId": "27F66514-B9C4-422E-B68E-406608302E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7s:*:*:*:*:*:*:*",
"matchCriteriaId": "E2438157-4D9C-4E16-9D2A-759A8F6CDDE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.8s:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECC01E-E59F-4AED-AE51-7EE6B5E717E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.9s:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC524BA-544C-49B9-A9D6-800D25556532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.10s:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC99316-75AC-45EB-B6BB-DB014ED08ECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1as:*:*:*:*:*:*:*",
"matchCriteriaId": "1AEF94C7-CEE6-4696-9F1D-549639A831C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "0141D67B-632F-48ED-8837-4CC799616C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "141FFB5E-EA72-4FC1-B87A-B5E2D5FCFE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "FE444B39-D025-471B-835E-88671212ACAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0as:*:*:*:*:*:*:*",
"matchCriteriaId": "BE390091-D382-4436-BBB4-D4C33E4F6714",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "EE81AA43-88D4-4EFC-B8F6-A41EFF437819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0sp:*:*:*:*:*:*:*",
"matchCriteriaId": "C18E6308-7A34-43E3-9AD8-5FB52B31ACB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1asp:*:*:*:*:*:*:*",
"matchCriteriaId": "A667AEC6-57E3-4D67-A02E-F0BAEBCE16DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1bsp:*:*:*:*:*:*:*",
"matchCriteriaId": "80EE163D-D9EC-46A1-826A-54F8F3A3FFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1csp:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE4CFE4-C00F-4FAE-8FDF-F6C92E92838D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEBCBF7-D1CF-488F-BB3E-F864F901A96A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1sp:*:*:*:*:*:*:*",
"matchCriteriaId": "06BBE88E-FEFB-4B90-91D1-4F053FA0EA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2asp:*:*:*:*:*:*:*",
"matchCriteriaId": "0D43FA49-1F9D-4FD0-AF18-6E9AB6DF702F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8CCA19-1D1C-45C0-A1A0-CED5885AD580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2sp:*:*:*:*:*:*:*",
"matchCriteriaId": "014224BF-926E-470C-A133-84036D8AD533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3asp:*:*:*:*:*:*:*",
"matchCriteriaId": "10B0DE46-C4C4-4DA1-A4CD-9627F13FED3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3bsp:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E818D-03BB-4FE4-946B-B967E9764DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "4063CCF8-19BE-4411-B71B-147BB146700B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3sp:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE8E0D1-E4AD-4648-BCF0-AE11B93D22B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "186ADB50-A4D4-4B32-884D-3195E7770346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.4sp:*:*:*:*:*:*:*",
"matchCriteriaId": "334F278A-CFEB-4145-9D8D-EFC36A1BF258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.5sp:*:*:*:*:*:*:*",
"matchCriteriaId": "3B76F26E-7B1C-4894-8CDD-4BA1243E4EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.6sp:*:*:*:*:*:*:*",
"matchCriteriaId": "B5FB99D7-CDA9-4C3E-9DBB-3AC1CEBA4D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.7sp:*:*:*:*:*:*:*",
"matchCriteriaId": "63D05DBA-D3F0-492B-9976-54A7E46F315E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.8asp:*:*:*:*:*:*:*",
"matchCriteriaId": "596E09DB-97B1-4DCE-AC5E-18CC9ACCAFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.9sp:*:*:*:*:*:*:*",
"matchCriteriaId": "CB2D4A7B-E0B7-4D65-B242-75934490D703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADDCD0A-6168-45A0-A885-76CC70FE2FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D83E34F4-F4DD-49CC-9C95-93F9D4D26B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "D2833EAE-94C8-4279-A244-DDB6E2D15DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8F50DB-3A80-4D89-9F7B-86766D37338B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFC70A2-87BC-4898-BCF3-57F7B1DD5F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8DA556-ABF3-48D0-95B8-E57DBE1B5A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "01B53828-C520-4845-9C14-6C7D50EAA3A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "20F23DB7-6F8E-470A-9B43-0ACEEF331C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E5311FBE-12BF-41AC-B8C6-D86007834863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB055E-72F9-4CB7-A51D-BF096BD1A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBD681F-7969-42BE-A47E-7C287755DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98255E6F-3056-487D-9157-403836EFB9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "521ACFB0-4FB2-44DB-AD7B-C27F9059DE66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96852D16-AF50-4C70-B125-D2349E6765D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "A15B882A-BA60-4932-A55E-F4A798B30EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC2EE60-4A07-4D92-B9BC-BF07CF4F2BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47DBE4ED-1CD8-4134-9B33-17A91F44F17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0375BF9E-D04B-4E5B-9051-536806ECA44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "1E16D266-108F-4F8A-998D-F1CA25F2EAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AB80E7-0714-44ED-9671-12C877B36A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "10182B94-6831-461E-B0FC-9476EAB6EBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3D62EE1B-9A59-406C-B7DF-91B495F3ECFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "79CF8D4E-F82A-469C-A8C2-0C203A800A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD5B3AB-27C2-4055-A3B7-0112D089FDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "04081A51-E08F-4114-9276-584E836181D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "62A46516-CEB7-48D4-879B-341963A1FA31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EF98FA-6DF9-4935-9639-143E08462BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECEDD9D-6517-44BA-A95F-D1D5488C0E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "D18B32E3-6B33-4E3D-879A-82E2F0BFC906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z2:*:*:*:*:*:*:*",
"matchCriteriaId": "46E37204-FC9A-4397-AFA4-9CAC7A116D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F66ECFE-B631-47AE-995F-024A4E586A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBFDD70-7AF3-47AE-94CA-56C19F2D6234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5B736F09-3B51-4B2A-92F6-602847001F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "2F58A94E-B050-4EFA-84BA-43B11BA22E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E864BB1-FD23-4AB3-9138-5FD8B62EAF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "838D6C2D-C131-4A9C-AAE5-5BF38E637E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37D5E77B-687D-4AE7-95B8-0AB56AF5DAD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "91EF2384-9939-4F86-8A0F-7CB7034980E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.10a:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E51B09-D66D-4AE8-AF96-AEDE54A7C209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AF595930-44E0-41FD-A0EF-C8E301E6585B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5F621724-9BA3-4D47-AAB8-08D7A541EBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.13:*:*:*:*:*:*:*",
"matchCriteriaId": "82E2A28A-700E-4546-AA94-2B13C925BDFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "336A8630-653C-4E28-8DE1-76CDD8573980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1767AE-7D9F-4BAA-90E1-CF8314CD0B53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "26FEE2E2-DD85-4006-8895-0BDA04E8EE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CD237B-2843-4D37-87D7-AE6D1A53458A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "1B80614B-6362-45F0-B305-2F137B053DCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "47B20C7E-1C9C-4EF4-91E4-388643C4B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7966A0-D84D-47F7-AED9-D041BCDA6703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "5B306D35-4A13-4D23-8EC2-D000E8ADCDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F244E7-8EE9-4E58-83FA-EEDD3C8F792D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "5238B1D1-740D-4B37-A0CB-1B3343E55D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "27E0750C-A622-49D6-A8EF-B59E2F8F1912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2258D93E-71AA-4964-A5DF-008E3479F2A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "608ACC60-143B-4835-B6AC-E6C3111B4078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C945710-7DC3-43D9-9FBE-F2A1B8666C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y1:*:*:*:*:*:*:*",
"matchCriteriaId": "57CD29C9-C629-48B0-ABDD-CEC3DEB6FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51EA3EAA-A379-467E-AF9A-FCFBACAE49C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "4FC63AAF-758F-4A70-9738-96E75A0A1DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E67BE408-8DCF-491F-9EA9-E368565C1B49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CFE98A-FBA5-4837-BBD9-3C875ECEBF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36A5F20F-3F38-4FB9-B49D-28569EB1A763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2264D7-5E89-4F50-B948-FAB41D07C8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB8368D-B9F9-4679-8154-1174E140CA17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "78EEDF40-2CDA-4147-A9F2-A5F4B8FF35EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "40CEA4FC-B946-4D54-A45B-686FC02D5411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDBE176-04ED-48F0-BA9F-45BECFEDBE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "94E52AA0-0A77-47DF-9600-7D5B8A6D09B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DB62FB56-A09A-4BE3-AF4C-180903078C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "0627B380-B8E7-4BA4-BC1B-ADBCC3A6018B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.7b:*:*:*:*:*:*:*",
"matchCriteriaId": "03F75200-396B-43BB-A529-9A3A45B9EBAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFB2CA6-8332-4E4D-BDB4-C3B770D3AD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEBC0EB-0DBB-4530-AFC4-AA0036469656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "66D0DB87-6BB7-4FCF-BF20-6D4D48D72B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A766E7-CF3C-4529-AFA4-D780059A66BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "46B7F7EA-6512-433F-B1E4-B2F889427464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "63527910-7F55-4D40-BFE7-D497C91C334D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EACA43F-64DB-496B-A6B1-DB9FAF6606EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E147E53-B047-429F-9E3B-04FB5F777B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z3:*:*:*:*:*:*:*",
"matchCriteriaId": "0656EA0A-3BB6-49AD-A6BB-922C2BC5B075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EDBECC5-25B6-461F-BE21-F4EA569DAEA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE165207-A066-44C1-B78A-6EFD80023204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF792BC-C270-4294-8E4E-71FAC3ACFCF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1098FCEA-6A9F-4634-A0EF-EC55ABCCEA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "53B97B06-206B-42F0-B68F-5C5136EAD2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6281EB0F-EE0E-4B06-A7A1-29460A98A8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "07650346-67D7-4805-BF81-BB145304CC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C6C0D21-ABD5-42F1-B04B-745CA6115D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99810E61-9C5F-4B26-8DFD-75C971593386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B25CC70F-42ED-42EF-8CC6-50FF1F809F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "DB60F2D0-B9D2-42A8-85EC-433BCE5BEC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.5c:*:*:*:*:*:*:*",
"matchCriteriaId": "FB757B3D-14A1-4997-AA51-9870FD81763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8577AF01-F2C7-48D3-AB0B-78BD63A60029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0D2D94-6470-4E4B-A1B1-0124F92AA793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31789E98-7C8D-4C5A-8A3F-FC9AFE9A248C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.14.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7A62648B-3273-4D75-8533-A5CBE1B1BCE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0174C08C-8846-45AE-83ED-E9964348FA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E73D685D-A002-4D82-9B4C-1D6B5C0B0320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED4E436-D338-4014-967D-9FE449518191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "D66E9FE8-DD32-4D0A-BB80-E690F5299F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F9C74B-113E-4808-B979-7738E3A52B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "1C482977-8384-4A57-B251-39BC01E4F7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CC3DA6-7A3D-4AFB-958A-E047D896CDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A18E50D1-BAF5-4C0F-9253-774089BAA2EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDCA684-FF44-49EB-93B5-ED6778E437BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0FD5B7-69E7-43CB-A658-E05557AC2D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.2c:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBDBD9B-7122-413B-8671-17AEBE56C2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2855BC9A-3F17-48FF-AE97-46ADB30AD0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "E12CD6C1-1441-48E1-89BF-0C9C735B94E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.3b:*:*:*:*:*:*:*",
"matchCriteriaId": "0298ACD6-BAC6-4E0E-9962-3882F90700AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAB6FF3-7978-47CA-BFBD-6211106C46BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88707E5B-2040-40AB-A8D2-39D6B97E40B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.16.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "F04A22BF-A461-4B5F-BB30-5F5C2FE56134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F98075-6210-4332-B76E-ECDFF1D55D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A57F16D-2020-46F1-BA1A-DAE484F31920",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi:*:*:*:*:*:*:*",
"matchCriteriaId": "E19BA770-83E0-4D07-BE31-97FA8C86437B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi1:*:*:*:*:*:*:*",
"matchCriteriaId": "4627BEF7-CEEB-4CBC-8620-4D9C5A7F7C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi2:*:*:*:*:*:*:*",
"matchCriteriaId": "866E9A29-97D8-41E1-81BE-73FAF1B5E2DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi2a:*:*:*:*:*:*:*",
"matchCriteriaId": "B72F30BA-0376-426F-9E74-A39231973D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi3:*:*:*:*:*:*:*",
"matchCriteriaId": "C409330E-2C8F-425F-8A9F-B04E67A83608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4:*:*:*:*:*:*:*",
"matchCriteriaId": "8940ECBB-CA08-4292-AA5C-55AB95D98580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C29F00F-1779-46BB-9964-8692AB4AD04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi5:*:*:*:*:*:*:*",
"matchCriteriaId": "950F3BA6-DEEB-4EA5-96E3-88B33B0331D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi6:*:*:*:*:*:*:*",
"matchCriteriaId": "C48E7E3A-61B2-4188-831C-26EB583ECD71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi7:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C54AA9-EFDB-43A5-AD00-4E9965881927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi8:*:*:*:*:*:*:*",
"matchCriteriaId": "B7497ED9-109E-4B44-8C16-D43F7FA1A326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi8a:*:*:*:*:*:*:*",
"matchCriteriaId": "2E9F3020-E327-4DA0-BD2A-22677BEA0629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi9:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B34634-EAEA-4FAC-98DD-E50EB7FE9286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi10:*:*:*:*:*:*:*",
"matchCriteriaId": "875897DB-094B-41BD-9205-9D4564B52998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi11:*:*:*:*:*:*:*",
"matchCriteriaId": "7B119CD4-DA82-4F35-B5CD-71E2434C23B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi12:*:*:*:*:*:*:*",
"matchCriteriaId": "0D581EB8-FBAC-4F48-82B5-6F8BEE2D8CBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi13:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3855C5-86C9-4408-B644-78E0B17F6F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi14:*:*:*:*:*:*:*",
"matchCriteriaId": "68B47AFB-BFB5-4DF1-9F05-695BBDC21CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB7463C-01C6-4483-8EF1-1E1257738CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj1:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFE2CEF-595A-4D4D-A741-4562CD03B67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EC6DC5-E871-43E3-991E-0EE4B310CA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj3:*:*:*:*:*:*:*",
"matchCriteriaId": "102395E9-4110-4C7C-B152-5C60EB17D1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4200124-000B-49C0-B380-A478C1CF4A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj5:*:*:*:*:*:*:*",
"matchCriteriaId": "B40BAA65-D2A7-42BB-BAD7-C9F7FCE7B123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj6:*:*:*:*:*:*:*",
"matchCriteriaId": "831B9DB1-8AB9-45A7-8DC4-FD6CED335D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj7:*:*:*:*:*:*:*",
"matchCriteriaId": "9F17158D-9CCD-4186-B97D-51242AB92547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj8:*:*:*:*:*:*:*",
"matchCriteriaId": "1E920061-80A8-41E0-BA64-A20264020C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj9:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB5FB44-0CD9-40E1-80EC-C8CFBA023FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxj10:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3509F6-5475-4924-9E5C-4E2E03D65F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(50\\)sq:*:*:*:*:*:*:*",
"matchCriteriaId": "46AE17A1-7FC7-4197-825C-92B32AC64D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(50\\)sq1:*:*:*:*:*:*:*",
"matchCriteriaId": "00328248-72C7-4646-9312-5EAA7FE0D41E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(50\\)sq2:*:*:*:*:*:*:*",
"matchCriteriaId": "5535D673-8DF3-4737-A531-E7B28C419235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(50\\)sq3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D97E83-3091-4E46-818C-503D7D1F9D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(50\\)sq4:*:*:*:*:*:*:*",
"matchCriteriaId": "EE109462-C870-4C66-A7AE-B1ADED3B8DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(50\\)sq5:*:*:*:*:*:*:*",
"matchCriteriaId": "14D0156C-3153-4A64-8491-A6A1B60FE5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(50\\)sq6:*:*:*:*:*:*:*",
"matchCriteriaId": "C075F42D-27C1-46A2-893A-5C0D9BE13861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(50\\)sq7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF11222-0EA2-4E6B-B6DC-D16FCFEDE807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(53\\)ez:*:*:*:*:*:*:*",
"matchCriteriaId": "9600F1FE-17F6-4F6D-886A-ED95FEA9A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)ez:*:*:*:*:*:*:*",
"matchCriteriaId": "06D0BBED-E68E-43B7-93F5-FC5DEE7BEB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4F2951-FF09-45FC-81BD-7C8C6C7CD1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se1:*:*:*:*:*:*:*",
"matchCriteriaId": "63C5C43F-67A3-4000-845E-FDA620AD1B90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se2:*:*:*:*:*:*:*",
"matchCriteriaId": "565F3777-89E2-4159-9D8E-629EB7A56837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7C3DF8-2B59-41EB-A151-15E46348DF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se4:*:*:*:*:*:*:*",
"matchCriteriaId": "700DDE2E-922C-426F-8751-BADD15055AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se5:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6CA171-4BE2-4204-BDAB-EA19BCD4842A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se6:*:*:*:*:*:*:*",
"matchCriteriaId": "84766AF1-DC74-4D64-A4E1-56B377D6CE48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se7:*:*:*:*:*:*:*",
"matchCriteriaId": "5D4A0517-EF86-4655-B4B4-246ED3A84803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se8:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E3912E-11F7-421B-A5C4-35568A6E386B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se9:*:*:*:*:*:*:*",
"matchCriteriaId": "360F3E49-D75A-4ACE-B775-14055272C861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se10:*:*:*:*:*:*:*",
"matchCriteriaId": "5362C676-5002-4ABC-9C60-97D4B65A399D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se11:*:*:*:*:*:*:*",
"matchCriteriaId": "0D14EB41-CD6A-483A-8F68-9072E436807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se12:*:*:*:*:*:*:*",
"matchCriteriaId": "DC201905-7DBF-4E2B-B732-62641F51C170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(55\\)se13:*:*:*:*:*:*:*",
"matchCriteriaId": "377669B9-952D-4527-9C24-E6713E749C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(58\\)ez:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABC42E8-E304-4D00-8C6C-604F3EE13DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(58\\)se:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D38633-31AE-42E9-8FFA-77C8EFA9AABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(58\\)se1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D6D9CC-70F0-475C-8AB0-48980596BE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(58\\)se2:*:*:*:*:*:*:*",
"matchCriteriaId": "BEECEF97-EC6A-43C8-A7AB-5C48948183FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez:*:*:*:*:*:*:*",
"matchCriteriaId": "69AB39F8-5D39-4E8A-A8A5-B91718D37A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez1:*:*:*:*:*:*:*",
"matchCriteriaId": "63328822-DC2E-41A3-9E12-F5F824847AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez2:*:*:*:*:*:*:*",
"matchCriteriaId": "350D9AFE-66AD-486B-B42D-E6A3CE62640C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez3:*:*:*:*:*:*:*",
"matchCriteriaId": "73D67BDA-AEA7-4ED2-AFA4-20283B446602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez4:*:*:*:*:*:*:*",
"matchCriteriaId": "8D593974-6D7B-4AF8-85B2-A77D8BE5CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez5:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B4BFC4-F2C9-4D5E-AD22-3AAF36CFB12A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez6:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2E6D25-7528-4433-9BB3-4F45DB0FE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez7:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E1ADA5-C782-4F8A-A77C-A895B402A792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez8:*:*:*:*:*:*:*",
"matchCriteriaId": "698C897E-CE32-4350-9315-DEE4EA5FF02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez9:*:*:*:*:*:*:*",
"matchCriteriaId": "76C7FF79-0AFF-4DB5-BDCA-797B8FAB7F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez10:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2B02DE-CE0C-47E1-91BF-F115EE970B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez11:*:*:*:*:*:*:*",
"matchCriteriaId": "C5374A08-2788-40A0-82B5-9597C28396EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez12:*:*:*:*:*:*:*",
"matchCriteriaId": "2C60FD51-3FD8-48F4-98EF-FEDAAF9BC52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez13:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF1CE90-F107-4009-B2E4-19D6123B944D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez14:*:*:*:*:*:*:*",
"matchCriteriaId": "AC92E458-DC3F-4179-B6E6-14562F4291B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(60\\)ez15:*:*:*:*:*:*:*",
"matchCriteriaId": "1867205D-5158-41BB-8358-1A870E9DE814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)ey:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF55C0A-768F-445A-AF40-2B553363AF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)ey1:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D5CC-521E-4B2A-B6DB-D2A49D31DE4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)ey2:*:*:*:*:*:*:*",
"matchCriteriaId": "10D75DC6-D7B1-46D2-ABEF-97D908992FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)se:*:*:*:*:*:*:*",
"matchCriteriaId": "971AAF00-63AA-4B3F-8E0F-B8FBD011C071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)se1:*:*:*:*:*:*:*",
"matchCriteriaId": "551A0087-5926-46AF-B1DA-3AA18FAB87E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)se2:*:*:*:*:*:*:*",
"matchCriteriaId": "E19A2402-F662-4900-8137-B14EB2537173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)se3:*:*:*:*:*:*:*",
"matchCriteriaId": "5757C194-AF18-434C-9F19-2FC775720556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "3048FEB4-3269-4EE1-88B5-0AA3E681402B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5B2E97-12F4-4B3B-90C6-106667787472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy2:*:*:*:*:*:*:*",
"matchCriteriaId": "68BFDF59-CDED-4A52-9E24-673E86B00C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy3:*:*:*:*:*:*:*",
"matchCriteriaId": "331D55CC-055A-47E9-9019-B6AEAE0F8576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE53F4B-83D6-4E40-8117-D1983E798CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy5:*:*:*:*:*:*:*",
"matchCriteriaId": "21941E6C-4DE9-45EA-8B14-CCEF208C458F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy6:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC8D765-D1F3-43E9-BCBA-DBC4FA7BAB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C06387D-C32E-4C3A-9A02-C0748DB88D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy7a:*:*:*:*:*:*:*",
"matchCriteriaId": "D754113E-26FE-4E2E-AFF0-680866C32CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy8:*:*:*:*:*:*:*",
"matchCriteriaId": "0489630E-150D-4C80-8E93-045B89A83631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy9:*:*:*:*:*:*:*",
"matchCriteriaId": "39832F23-3841-44CA-B1C0-321CA9B59627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD804E72-BAB3-4471-9EB2-11D607895357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ea:*:*:*:*:*:*:*",
"matchCriteriaId": "C04E6B95-5FD2-4C08-BFFC-148096444DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ea1:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB4363E-49B6-4682-AEF3-6B0AB38A3932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ej:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5D50E8-99DB-4B15-B0F2-84674A9346A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ej1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A101303-CFB2-4EF9-AD68-AF6D8E1E8148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ek:*:*:*:*:*:*:*",
"matchCriteriaId": "114E5F13-3F15-418B-A0AF-038BEABF8445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ek1:*:*:*:*:*:*:*",
"matchCriteriaId": "694AA98F-2705-477E-B2EE-75D2CEDB263B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ey:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC1EA3-AD9C-4AE1-91B6-4EBD22B77D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ey1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CA27BF-13BC-4C13-A049-FA50247ACE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ey2:*:*:*:*:*:*:*",
"matchCriteriaId": "82C8B101-CB42-43CF-98CE-44EE5FBC9BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ey3:*:*:*:*:*:*:*",
"matchCriteriaId": "054583DC-AAF8-4BF0-AC13-5A488476C161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se:*:*:*:*:*:*:*",
"matchCriteriaId": "85A9B13E-8CF7-4879-8C33-8E690291335F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A634C47-2FD6-4106-86B6-DD465A5394E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se2:*:*:*:*:*:*:*",
"matchCriteriaId": "05DDA3F8-7207-4FC9-B491-F49418975D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se3:*:*:*:*:*:*:*",
"matchCriteriaId": "91E64DDB-BF0A-4CCF-A01A-B45A9D566C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se4:*:*:*:*:*:*:*",
"matchCriteriaId": "1E28EAD6-BD32-4DD7-9558-6E7F5264DCA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se5:*:*:*:*:*:*:*",
"matchCriteriaId": "D09AEBD6-56E7-4D22-B300-C904464FE75F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se6:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD98F15-F847-4968-8A9E-D4D5D2ED4FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se7:*:*:*:*:*:*:*",
"matchCriteriaId": "97525468-9E3E-4E34-8319-B4DFB51BC4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se8:*:*:*:*:*:*:*",
"matchCriteriaId": "611A649F-161B-4683-98D5-4C8150838039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se9:*:*:*:*:*:*:*",
"matchCriteriaId": "F414ABC6-B95C-48ED-BC15-817356248776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se10:*:*:*:*:*:*:*",
"matchCriteriaId": "137D26AB-CA68-4CBC-91E8-8C0901D5BF19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se10a:*:*:*:*:*:*:*",
"matchCriteriaId": "343F5C35-A0C0-4747-95BA-D4044C64508B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se11:*:*:*:*:*:*:*",
"matchCriteriaId": "713C55A8-F24D-45FE-88AA-1D1EFEC88339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se12:*:*:*:*:*:*:*",
"matchCriteriaId": "11F7D280-D099-495F-B860-D96F485BAF81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)se13:*:*:*:*:*:*:*",
"matchCriteriaId": "B62A7038-EBCF-4996-8795-3BF95CBDE6B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg:*:*:*:*:*:*:*",
"matchCriteriaId": "815EAC82-48B1-47A2-80D7-8CEE806E4B9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg1:*:*:*:*:*:*:*",
"matchCriteriaId": "F68B4687-CC90-45D8-989D-8DF38940C8A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg2:*:*:*:*:*:*:*",
"matchCriteriaId": "F755B9BE-3DF6-49AE-847E-F74B696A49A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF429A0-4A54-48FA-B69B-D34898E987EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A867AA1-E46F-4027-A41B-6AE1A27EB2F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg5:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD0EAC6-8B70-40C7-80D0-9BDD09AF5523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg6:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF4082D-8F3E-4274-83DD-431E99C395B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg7:*:*:*:*:*:*:*",
"matchCriteriaId": "230ACE85-877C-45D7-A2A9-0085C421292A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg8:*:*:*:*:*:*:*",
"matchCriteriaId": "D37BA5F4-9D5C-4D92-A6D3-055B79049719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg9:*:*:*:*:*:*:*",
"matchCriteriaId": "9ED6E6E2-AB47-442C-93B9-DEBA9D124B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg10:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CC7F08-343B-40CC-9D03-81EE4924D6C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg11:*:*:*:*:*:*:*",
"matchCriteriaId": "31444A2D-BBF0-4D6A-A898-5EC4E782CC43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd:*:*:*:*:*:*:*",
"matchCriteriaId": "2D39E1ED-2F67-4116-9BF5-44CA8EF9A016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd1:*:*:*:*:*:*:*",
"matchCriteriaId": "729613AF-4C56-4514-9ECD-6A466C278E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd2:*:*:*:*:*:*:*",
"matchCriteriaId": "368F2F9E-FD52-4A74-8378-DF246252B745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd3:*:*:*:*:*:*:*",
"matchCriteriaId": "2E452976-8876-40D7-8880-29197DB5457A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE5C762-5329-47E9-8D0C-C0A546AC24CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd5:*:*:*:*:*:*:*",
"matchCriteriaId": "0E5CC49C-34B5-4C8A-8FFC-DACB4B0C76FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd6:*:*:*:*:*:*:*",
"matchCriteriaId": "9D93F335-8058-45BA-8653-9F3E4A5FA28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd7:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6FDABA-6F35-4FAA-9ADF-04E4CD1DCF15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sqd8:*:*:*:*:*:*:*",
"matchCriteriaId": "AF152F35-32C6-4C2A-BC91-90AAE442F239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sg:*:*:*:*:*:*:*",
"matchCriteriaId": "B8A89C06-8384-4B23-8D3A-293C9035FC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sg1:*:*:*:*:*:*:*",
"matchCriteriaId": "94836415-1A1D-4DC2-BDAF-BE5B06EA5C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sg2:*:*:*:*:*:*:*",
"matchCriteriaId": "00B7F513-E991-47A4-A96B-2EB90B15D197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD483E0-66F9-4DD1-85FA-C125C9617E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "35C1075B-11F3-453C-957D-834C5D6D8CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy2:*:*:*:*:*:*:*",
"matchCriteriaId": "115E901C-94B4-4EC7-AA85-03A20CFA90DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy3:*:*:*:*:*:*:*",
"matchCriteriaId": "C97051EE-8C42-4546-8EDC-FAD60B3EE1EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB435D9A-FA6C-4CBD-8647-3A61B3DAB338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy5:*:*:*:*:*:*:*",
"matchCriteriaId": "14181F4B-9A5C-40B4-BD15-FED694E9AE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy6:*:*:*:*:*:*:*",
"matchCriteriaId": "B62E402E-5D8B-4261-906C-C5668B4A12BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E5F22B-2CD3-4A14-AB2B-E039CF001140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg1:*:*:*:*:*:*:*",
"matchCriteriaId": "15102BA5-E96F-468C-8F8E-4F8F9E947533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F481FC-D16B-461C-BCBB-D58B58D1647D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg3:*:*:*:*:*:*:*",
"matchCriteriaId": "42D47483-F300-4224-86B2-6FBEFA35EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9E74C5-4BF5-4F29-938F-3E71784F08AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg5:*:*:*:*:*:*:*",
"matchCriteriaId": "2963A4BD-1414-40CA-A949-9CE61B3C61C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg6:*:*:*:*:*:*:*",
"matchCriteriaId": "DE0C7B38-F1D2-4D6F-A986-BDE58F6B7E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg7:*:*:*:*:*:*:*",
"matchCriteriaId": "2A6C5B60-9524-4A5A-A8CA-3C18730E18F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg8:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B09C15-62E9-4278-806C-03D47B75E336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCF559-9324-4CE1-A986-EF4A174DCEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "38CC9728-4E4A-4536-BC81-031AFE1A74E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9DECC49-1DF8-4925-9232-04DA748428B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy3:*:*:*:*:*:*:*",
"matchCriteriaId": "B736A1E0-89F4-418C-BC12-7E6A7AC7891F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDC0B5A-E59C-454E-AA0E-6EB9C8888480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2363876E-0E3B-44BA-8157-FA96554302B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D3131A-74F7-4465-826E-5F6C90240C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy6:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0D1E17-9A5C-4B74-B780-F31364FD9F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy7:*:*:*:*:*:*:*",
"matchCriteriaId": "F70ADF53-D937-4CB1-8D17-8B4DB9A5458C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy8:*:*:*:*:*:*:*",
"matchCriteriaId": "8B0F30A4-C088-4ECC-ABE0-33D4A7BC8D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy9:*:*:*:*:*:*:*",
"matchCriteriaId": "73B11B78-1936-42CA-919E-BCD1E0C2A397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy10:*:*:*:*:*:*:*",
"matchCriteriaId": "A807560F-7111-40AB-BCC8-F3D7A2F92D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy11:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE56D89-5894-49E9-BDCF-E23AE4159989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9347AF-7729-44BD-8E33-610D573C560F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy13:*:*:*:*:*:*:*",
"matchCriteriaId": "14DC014A-2CDD-4294-8AEB-9C0B437C1633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy14:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AB472D-2158-44DC-A627-8C4D52F476A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy15:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE1712A-1A44-4BD1-B114-318D4EC4977A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy16:*:*:*:*:*:*:*",
"matchCriteriaId": "AC27EED6-7F43-422F-8E61-CDD4E9EDC719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "07B725B7-AFBB-4F0D-87BA-38477E250374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F05531B-A6A2-437A-B7CE-1A2DD33EC8DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBD931B-9D7F-452A-A567-60ED7EA1D2B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4B3624-1DA1-4A63-B2F1-F8E06CB61E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)ey:*:*:*:*:*:*:*",
"matchCriteriaId": "2D601E90-6F2A-4C66-97A2-152031C88DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE57C85-794E-405B-841F-A806D32C08EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy0a:*:*:*:*:*:*:*",
"matchCriteriaId": "7B91687C-A8F8-45FB-BF03-8534E9230AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "E082DB05-253F-4C6F-BD0A-524699309D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B43D4858-AE1C-4372-97F9-5983EEE6ED4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy2:*:*:*:*:*:*:*",
"matchCriteriaId": "9678A6F2-0624-4A8A-9991-9DADCDDB2687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F6D655-D3A3-4BEE-9DEF-19ADD41D1663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy4:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC0B809-72AD-413F-BE84-73FE2DB33950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2834B6-AA9D-4FDC-A228-CED66C799849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy6:*:*:*:*:*:*:*",
"matchCriteriaId": "B3426024-7199-4B7B-90CB-CE83FD2E0878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy7:*:*:*:*:*:*:*",
"matchCriteriaId": "BF163F6F-1A6D-4AA9-AAC2-52249BB28421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy8:*:*:*:*:*:*:*",
"matchCriteriaId": "CD250CC8-B26A-424E-A737-97F2A7E7C4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A156FE-590E-49DB-819D-4103D629829D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F6C767-042C-4277-90F4-F81D9AFFF227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "D33DB919-4F82-43C6-830A-A9D4FC043B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "72782F95-948D-489B-A19A-9DAB825DFE4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "4F904CD0-8609-47F7-988C-613DE26BDBB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e5:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3A39FE-69F6-4BB9-A9CE-D516A3802538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e5a:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9B7058-3467-4CCE-B9A4-71CF8143FEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e5b:*:*:*:*:*:*:*",
"matchCriteriaId": "90447919-CC40-4CA5-A488-2FCF0F25ABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e6:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF74559-F418-48EA-9CA7-A9574CAFC97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e7:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A1ADB8-DF62-4CB6-8075-2F0956BB0126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e8:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0F2B2A-F273-4166-826F-88B54A480BB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "194D54FC-F399-4C86-AE04-FB3FD828DDA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e10:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C85E0E-A920-4501-AC23-0F7534CF88EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ea:*:*:*:*:*:*:*",
"matchCriteriaId": "50CB7858-C857-41E2-9E5D-9368EEC2825E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ea1:*:*:*:*:*:*:*",
"matchCriteriaId": "10438F4B-281D-4C2F-B4C3-DC3D47B0033A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ea2:*:*:*:*:*:*:*",
"matchCriteriaId": "681E360E-2287-4BE7-8228-77C235DFA901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ea3:*:*:*:*:*:*:*",
"matchCriteriaId": "81800178-449A-4B61-9611-5FB2FC4DBC75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)gc:*:*:*:*:*:*:*",
"matchCriteriaId": "C89D14BC-1718-4AE9-B107-1709C2CE965E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jax:*:*:*:*:*:*:*",
"matchCriteriaId": "2F95DC51-220F-41F9-BC48-E010746C2D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb:*:*:*:*:*:*:*",
"matchCriteriaId": "0F81AACB-C3F9-454F-A31D-E985451B0105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb2:*:*:*:*:*:*:*",
"matchCriteriaId": "853F31A7-E4A7-41DC-B6C6-36D5C665B7AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb3:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC473A4-39F2-4F32-B268-B9282B0B7823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb4:*:*:*:*:*:*:*",
"matchCriteriaId": "DF758B9D-7E81-4B27-865C-7CE675D38228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb5:*:*:*:*:*:*:*",
"matchCriteriaId": "99F26328-57B0-4E5F-932D-EEA70DF7C8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb6:*:*:*:*:*:*:*",
"matchCriteriaId": "282A8AA5-B087-4F0E-A8B1-4EA811E40270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "B05373F4-E820-4D22-A86A-904854F04C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C38969D-65EB-4C80-BB2A-A1245C4E718B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy2:*:*:*:*:*:*:*",
"matchCriteriaId": "A429CFF2-A288-4CD5-9C06-8D18647C67E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3A9655-9E22-4AEA-BBCF-6C0749D0289E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2a\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C846C74-7644-4DAB-A4B8-B33464EBE92E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2a\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDB0B25-95E0-4796-A56F-1A59EF7EA283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "BB214EAE-AEB7-4359-AD8C-86CCC080EF96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "757000B2-A8EB-464A-9A2D-EC4D920A0569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "102BF855-ED1C-4D26-85D9-74B2BE0E9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "B42618DF-F118-41A7-96E5-24C229DA020E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "26F6FC68-BF4A-4511-8B46-A93C81E349B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)ea:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D6FBCE-F1F0-437B-A9B0-57F717C974F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)gc:*:*:*:*:*:*:*",
"matchCriteriaId": "D80852CE-8D91-4E85-A97F-C7A9AF5278CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)gc1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF777880-43BF-4D4A-9BA1-B2E925B5DE11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3a\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "260E5F96-48DB-41C4-B45E-5BE0367DD7E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE9B41B-B1B5-45A2-8DBE-775B1CE4F2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "80114F8D-320D-41FF-ADD3-729E250A8CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "879C4495-3B26-4370-8708-16F5002E37CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9DDD1E-201F-42B8-ADC9-9CD2F3ED2C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C2BB1F-79DF-4471-B75F-C22CEBB5380F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e5:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5A55B3-49E4-4C48-B942-4816504BAA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e6:*:*:*:*:*:*:*",
"matchCriteriaId": "62AADD63-CEA3-461B-94EA-0CDAB4A2ED00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e7:*:*:*:*:*:*:*",
"matchCriteriaId": "EB704746-C27B-4C6B-948C-B8C0A3F40782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e8:*:*:*:*:*:*:*",
"matchCriteriaId": "F354F8F6-70D3-43EE-BF08-DFB87E83E847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "62F908B0-7ECE-40F8-8549-29BD1A070606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e10:*:*:*:*:*:*:*",
"matchCriteriaId": "378E67DD-779C-4852-BF29-38C2DFFB1BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e10a:*:*:*:*:*:*:*",
"matchCriteriaId": "9033ACC7-1CCC-44E7-8275-73499C0E6E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e10d:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD4AF73-6C03-4978-BC43-857188BF7E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF92BEC-AA46-46DF-8C1E-956F3E506E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C226FE9-61A0-4873-B277-1B8ADB397B32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5BD905-75C3-47AE-8D19-6225BD808B37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea4:*:*:*:*:*:*:*",
"matchCriteriaId": "56DE452A-6852-4879-9187-8A152E6E260E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6367C8-C9D7-4965-BD9C-1DD4A2FCE2D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea6:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3047E4-BCC3-41A7-9DCD-15C25D14EC44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea7:*:*:*:*:*:*:*",
"matchCriteriaId": "7785E177-C04E-4170-9C35-B4259D14EA85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea8:*:*:*:*:*:*:*",
"matchCriteriaId": "8CAE727E-E552-4222-8FF0-6146A813BDEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea9:*:*:*:*:*:*:*",
"matchCriteriaId": "C7850295-C728-4448-ABA7-D01397DBBE5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea9a:*:*:*:*:*:*:*",
"matchCriteriaId": "7C104A47-53EE-47FC-BAE5-21925BEE98E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ec1:*:*:*:*:*:*:*",
"matchCriteriaId": "65589A68-58A4-4BD4-8A26-C629AE610953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ec2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A64C8F-6380-47CA-8116-E3438B953F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc:*:*:*:*:*:*:*",
"matchCriteriaId": "E3714E18-9A21-4D04-BB5E-0299AF443E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FE61C7-3B61-4085-AD91-137459DA29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc2:*:*:*:*:*:*:*",
"matchCriteriaId": "71080D8B-BC81-4CDF-8626-D0F35DA40AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF10596D-457A-4DA8-8037-5E92E1D39232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFCDD9D-F2C9-431E-BE9C-9A89C5501939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb1:*:*:*:*:*:*:*",
"matchCriteriaId": "1783208B-3BAD-411B-AE3E-BF7F3C13BEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9843B15-19B6-4A35-9C9A-5B803352A46C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3:*:*:*:*:*:*:*",
"matchCriteriaId": "314FAE74-75CF-4E43-ABC5-826190F49D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3a:*:*:*:*:*:*:*",
"matchCriteriaId": "261C2203-4972-45D5-8DA0-83A9AB4D6C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3b:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB9B457-8B4B-4761-A23F-8A99F28E4CCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3h:*:*:*:*:*:*:*",
"matchCriteriaId": "2590898B-201F-44EE-91D9-E3A891C974B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE089B8-4176-4618-8C1A-525A8CF96053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb5:*:*:*:*:*:*:*",
"matchCriteriaId": "32222F6C-960D-4AF6-ABA1-6BED7FEDCFCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb6:*:*:*:*:*:*:*",
"matchCriteriaId": "981C90B0-43DD-482D-9471-74E4CC5DB0BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)jn:*:*:*:*:*:*:*",
"matchCriteriaId": "D6098745-F5CB-4D3B-A04D-E4C1F1382FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D2CBE-2B93-45CB-AB59-AFDF14277E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "E2911989-D074-42DF-AB58-6849B3E0B72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "34299D29-96EC-4AAA-8137-49B292FC2D67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "5092DFCF-FEE9-4BE3-9116-01F3CBCE8A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "7BCBDFC3-13C3-45D3-80C9-E533082FAF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "B213D7CC-AD3D-4241-AF59-5B4CFC9BA930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "6E88FA32-5EBE-44BA-979B-60FE8340E8C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m6a:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CE0E6F-A277-48BE-8F1D-BCA48C57666C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "96FDDD94-40C9-47F0-9D43-0C0267F439C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "4E77BE16-C28C-43C2-B2CC-5AC4F33F7E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "DF3BBE82-E29A-4FD6-A897-1D80DE6ACA4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m10:*:*:*:*:*:*:*",
"matchCriteriaId": "0322D5E9-FE05-49EF-A210-A276D69B9F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m11:*:*:*:*:*:*:*",
"matchCriteriaId": "F188F2EB-60D2-47BB-8FA8-2F832289345E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "F112DE64-0042-4FB9-945D-3107468193E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "E027FB12-862F-413E-AA2B-4BBD90AE3650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD28874B-148A-4299-9AA1-67A550B25F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e2c:*:*:*:*:*:*:*",
"matchCriteriaId": "E7131776-5DEB-4B96-8483-B81B538E24FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)ea:*:*:*:*:*:*:*",
"matchCriteriaId": "BE991877-18E0-4374-A441-C2316085CCA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "7A472B96-0DDE-49DD-A7E3-A82DD6AEB3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5a\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "3A2EB46D-16E0-4C31-8634-C33D70B5381A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5a\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "757EB1A1-4764-4108-9AB1-F33CF9CEE574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "F29B2E6F-ED6C-4568-9042-7A1BD96A9E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5c\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "7803B445-FE22-4D4B-9F3A-68EFE528195E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "199DCF1B-8A1E-47CC-87A6-64E6F21D8886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5B78669-3B28-4F1D-993D-85282A7D0E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e0c:*:*:*:*:*:*:*",
"matchCriteriaId": "DD05109E-1183-419D-96A1-9CD5EA5ECC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C73A3A-4B84-476F-AC3C-81DCB527E29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEE2C71-C401-43D1-86DC-725FE5FDF87E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1758F264-96F9-4EE9-9CA9-AD5407885547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e2b:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2842F6-4CD5-457C-AC75-241A5AB9534B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABE0470-E94A-4CAF-865D-73E2607A0DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "6437E689-A049-4D48-AB7A-49CA7EBDE8B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e0a:*:*:*:*:*:*:*",
"matchCriteriaId": "110B699D-169E-4932-A480-6EBB90CAE94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e0b:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C12918-E5BB-465E-9DA4-06B7351DD805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e0s:*:*:*:*:*:*:*",
"matchCriteriaId": "4862C453-8BD7-4D53-B2D6-CE3E44A4915A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0C4E1F4-AD64-418C-A308-85501E0F3EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e1a:*:*:*:*:*:*:*",
"matchCriteriaId": "27EF41C6-A0D0-4149-BC5D-B31C4F5CC6D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "57ED9CDC-FC03-4DA7-A791-CE61D0D8364D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e2a:*:*:*:*:*:*:*",
"matchCriteriaId": "AB8C3BBA-4829-4006-B7EB-F552D86922C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "F980EFA3-BB92-49D3-8D5F-2804BB44ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e3k:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6D0AA7-E879-4303-AB2D-4FEF3574B60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "345C9300-CAC2-4427-A6B4-8DBC72573E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e5:*:*:*:*:*:*:*",
"matchCriteriaId": "64BFCF66-DE06-46DA-8F9D-60A446DC0F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e6:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDF6ABA-F0A4-423F-9056-A57C6A074137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e7:*:*:*:*:*:*:*",
"matchCriteriaId": "956FE25C-3CB8-4479-850D-719827123A3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e8:*:*:*:*:*:*:*",
"matchCriteriaId": "23ABB581-90EF-4F6C-9778-735932D2B08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3FD874-5EDF-48E0-A5AC-415A620C1FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e10:*:*:*:*:*:*:*",
"matchCriteriaId": "58F396D6-9B6E-4E6A-B561-9822DB13C7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e11:*:*:*:*:*:*:*",
"matchCriteriaId": "21887E28-6DED-4E1D-BC96-FED6461B95F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAD4038-60A1-43ED-98EA-534B42134FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7a\\)e0b:*:*:*:*:*:*:*",
"matchCriteriaId": "1374E243-4EC2-4A81-991C-B5705135CAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7b\\)e0b:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECA6101-94BA-4209-8243-A56AF02963EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF00927-80B0-4BE3-BF7C-E663A5E7763A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "9795E31D-A642-4100-A980-CD49C291AB7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "83C79479-27C6-4273-BC80-70395D609197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "28ACC494-2B4B-4BCE-9275-B7B10CC69B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BB9098-7C1D-4776-8B1F-EF4A0461CCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e5:*:*:*:*:*:*:*",
"matchCriteriaId": "602A88C0-30D1-4B63-A8F7-EF1D35350897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e6:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3AE0C5-D071-44B4-B820-422296FDC259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e7:*:*:*:*:*:*:*",
"matchCriteriaId": "BB369F67-A688-4AAE-AB69-24ECA7E2DB4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "249D78EB-A125-4731-A41B-62F8302D7246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E599088-5071-469B-980F-4BA3026856C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F58CEE-636B-460E-91D1-330965FA7FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA5302F-0F9E-4E0A-AA59-CB23B9A89F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "F943E4AE-F0EE-4643-B34D-44896C8CBF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E6ED45F-4479-445D-8970-F90413C51B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "8922A697-63B0-480E-B91F-4C16E2F325B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(1\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "6B1EB55A-4D3A-42ED-9EA0-DF31DE62086C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "3376544F-A13B-4800-952D-08A2F429E9A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "79DA9DD7-A350-4A62-B19A-6AF90CF798F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "7113699B-762C-48BD-AD99-19D1A25995E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E178E6C-D717-48B1-B79A-4E071BDFE6AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF7DF14-DD6F-4D24-8F12-AAB145FBDB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1:*:*:*:*:*:*:*",
"matchCriteriaId": "71493AA2-49E9-4FF5-AC29-DC2426973EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1m:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1E9625-A8CF-4D0F-BB0D-9FB91391D977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja4:*:*:*:*:*:*:*",
"matchCriteriaId": "85F96295-2E72-4C23-B973-791B4A2B63F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja5:*:*:*:*:*:*:*",
"matchCriteriaId": "A8555124-BAFA-45D4-8208-ED1172D55F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja6:*:*:*:*:*:*:*",
"matchCriteriaId": "A313DD0B-C9A9-4731-A486-EE1BCBA3B1F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja7:*:*:*:*:*:*:*",
"matchCriteriaId": "04B9D9B5-807F-494B-9ED2-7F4BDB32432A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja8:*:*:*:*:*:*:*",
"matchCriteriaId": "6089D71A-8D46-4819-80E9-8A29BCA47EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja10:*:*:*:*:*:*:*",
"matchCriteriaId": "21678FDA-D2B4-4041-A52D-C7AA562FD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja11:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EB0CFF-88F5-4193-8896-B3E4BA8D1AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E532352-99A6-4E45-B0E7-7F04DA411820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jaa:*:*:*:*:*:*:*",
"matchCriteriaId": "D3BD12E4-2ADA-4E3D-A12D-FF0E1031D677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jaa11:*:*:*:*:*:*:*",
"matchCriteriaId": "9420ADDA-5DD7-4842-AC07-2F5588CA5817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jaa12:*:*:*:*:*:*:*",
"matchCriteriaId": "493428E8-D818-4EDF-BA88-E715734BF848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab:*:*:*:*:*:*:*",
"matchCriteriaId": "915E4321-D52D-4C16-8821-ED16529C9090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jax:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAC643B-AA58-42EA-A777-52FCF6065F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jax1:*:*:*:*:*:*:*",
"matchCriteriaId": "9CFB57C3-6CDF-46D1-858D-D5234956653D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jax2:*:*:*:*:*:*:*",
"matchCriteriaId": "330125E6-3645-40B5-8E64-009B622090B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jb:*:*:*:*:*:*:*",
"matchCriteriaId": "02D874DF-54A1-47C7-B3D9-A9CE41A42418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb:*:*:*:*:*:*:*",
"matchCriteriaId": "1485E3A5-A586-408A-8325-7572779DD0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb1:*:*:*:*:*:*:*",
"matchCriteriaId": "2244E538-6B35-44E0-B93E-60B773745A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9DB6B2A-19D2-4684-B07F-5D42EC850A8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb4:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC1C381-4795-4992-BE3C-9615E005DE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb5:*:*:*:*:*:*:*",
"matchCriteriaId": "80188F84-30DE-46AC-8E0C-984126B77CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb6:*:*:*:*:*:*:*",
"matchCriteriaId": "DECBF0A9-D84F-40A2-AC61-A9C59C819787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb6a:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F129CF-FB92-49E9-BD86-90DDB8218FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb8:*:*:*:*:*:*:*",
"matchCriteriaId": "9C288D58-F765-4403-BF18-CC0A62B1AA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CF8146-FBF4-48F9-8BF0-61ACB2B3524E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc1:*:*:*:*:*:*:*",
"matchCriteriaId": "27357CD7-3E9E-4EF2-A5D4-A6BC44952FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc2:*:*:*:*:*:*:*",
"matchCriteriaId": "4246ACD7-DBCF-4CE6-B9B8-D44AAB2DEC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc3:*:*:*:*:*:*:*",
"matchCriteriaId": "1046E19B-DB53-418A-BFEC-5CD4492E6626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc4:*:*:*:*:*:*:*",
"matchCriteriaId": "0062D992-D990-4EC9-BABD-2EFFF84254D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc5:*:*:*:*:*:*:*",
"matchCriteriaId": "CC81B74C-4F63-46E8-ACF4-EB707853580A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc6:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C779C9-3B83-4B26-8942-B8475FB3B5D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc8:*:*:*:*:*:*:*",
"matchCriteriaId": "02ACA99D-5784-4F5F-AB83-F55DF8774E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc9:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFB9F99-8751-442B-9419-C2AB522D2ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc14:*:*:*:*:*:*:*",
"matchCriteriaId": "5E33FD88-8183-40EF-97A1-2766A4BBFBE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jca7:*:*:*:*:*:*:*",
"matchCriteriaId": "A6135D11-F4C2-4B6C-BC63-1132499D64A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jca8:*:*:*:*:*:*:*",
"matchCriteriaId": "3B43CA9C-977B-4C99-A520-0BCDA5D2A700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jca9:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDCD3CA-FAA4-4BCA-883B-B871B8748C3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd:*:*:*:*:*:*:*",
"matchCriteriaId": "34D7D48C-9FA1-45DB-B206-437E8ECBF53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd2:*:*:*:*:*:*:*",
"matchCriteriaId": "3626B216-43E8-4E60-96E5-7CAA0CB67F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B59D8B-E71A-4671-BA0B-00E56498E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd4:*:*:*:*:*:*:*",
"matchCriteriaId": "956C0089-E5AE-4289-B6D7-A8AB3C39AAA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd5:*:*:*:*:*:*:*",
"matchCriteriaId": "333468BC-41F0-46ED-9561-D7D2CE6AC267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd6:*:*:*:*:*:*:*",
"matchCriteriaId": "09DBAA17-61D7-4EE4-A70D-A7200DF36C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd7:*:*:*:*:*:*:*",
"matchCriteriaId": "DF17EADC-5812-47FD-A243-287837CEC1E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd8:*:*:*:*:*:*:*",
"matchCriteriaId": "5733BCBA-B3CE-4B18-9F7B-51CE17AAEF89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd9:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8CF99C-B097-4964-B07C-FBB28EB37681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd11:*:*:*:*:*:*:*",
"matchCriteriaId": "79DC64FF-E6F4-4FEE-87A2-14DF0DA55B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd13:*:*:*:*:*:*:*",
"matchCriteriaId": "E2403659-B7AD-40CE-AF88-FE2BEF0929E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd14:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1F53B1-E9FA-4480-8314-C531073B25CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd16:*:*:*:*:*:*:*",
"matchCriteriaId": "498030A3-0AFF-4D74-98D6-74C9447E5B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jd17:*:*:*:*:*:*:*",
"matchCriteriaId": "BDCBDB71-59D7-481E-84FF-8772930F857B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jda7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5906E4-31B7-45B6-B7D4-493B64741D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jda8:*:*:*:*:*:*:*",
"matchCriteriaId": "09807F0F-E487-447B-8A79-96CB90858891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jda9:*:*:*:*:*:*:*",
"matchCriteriaId": "01A21ED6-B633-4B59-BD32-128D0E2B3563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jda11:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7AF17D-2E1E-47D7-9356-4185A5F09BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jda13:*:*:*:*:*:*:*",
"matchCriteriaId": "09664703-4AF6-4213-AB74-9294DE80E648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jda14:*:*:*:*:*:*:*",
"matchCriteriaId": "638B3FE5-39B1-47E7-B975-A2A88C68B573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jda16:*:*:*:*:*:*:*",
"matchCriteriaId": "04D5820C-2E74-4C66-932C-00FF3D064F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jda17:*:*:*:*:*:*:*",
"matchCriteriaId": "65F67B44-4215-48BC-A4DA-279178C4A6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)je:*:*:*:*:*:*:*",
"matchCriteriaId": "2955A319-04AC-4D0C-80B7-0C90503908C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf:*:*:*:*:*:*:*",
"matchCriteriaId": "B0EF13B6-A743-41D1-BB31-F17C3586C8AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4F7A75-1D0B-4F55-868C-99DBB67AE1AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf2:*:*:*:*:*:*:*",
"matchCriteriaId": "37875B18-434B-4218-BAAF-2B593E188180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf4:*:*:*:*:*:*:*",
"matchCriteriaId": "26BAC234-D00C-4407-A1FE-E45A14D1BDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf5:*:*:*:*:*:*:*",
"matchCriteriaId": "C42E2869-F179-49B7-A4E8-0F4E8EA953CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf6:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58711A-F8C9-4F25-97D7-AE8AE64F3912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf7:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4E7B19-75DF-4811-BEE9-28E7B15ED6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf8:*:*:*:*:*:*:*",
"matchCriteriaId": "DE3ECC04-345F-4DAE-98F7-04E082BAEC3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf9:*:*:*:*:*:*:*",
"matchCriteriaId": "6A919122-DE62-4032-80DF-F77C1D80B387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf10:*:*:*:*:*:*:*",
"matchCriteriaId": "9C5B0248-7C59-49F7-A1BC-FE6F5A8E535B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf11:*:*:*:*:*:*:*",
"matchCriteriaId": "68958043-1212-42AF-A205-DB731ED55114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf12:*:*:*:*:*:*:*",
"matchCriteriaId": "84AE6EB6-EF3F-4DE2-ABEC-71F9010BFF0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf12i:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6F56B5-BE84-434D-AEC8-EB0764A832FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf14:*:*:*:*:*:*:*",
"matchCriteriaId": "786741B1-2502-4F2F-A943-C50720A73D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf14i:*:*:*:*:*:*:*",
"matchCriteriaId": "02693A73-85AE-4AFE-81B2-11A85251CBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jf15:*:*:*:*:*:*:*",
"matchCriteriaId": "83EFE0BC-2487-458C-B8AB-33600B9EB986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jg:*:*:*:*:*:*:*",
"matchCriteriaId": "746D8C22-4A3E-4EDB-96A1-923EFF2FD5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jg1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB02DEB-81D4-4A05-BDD5-3B8BC7184159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jh:*:*:*:*:*:*:*",
"matchCriteriaId": "B18C3383-28B0-435E-AF08-9739DADAE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jh1:*:*:*:*:*:*:*",
"matchCriteriaId": "08C9CA39-3515-4226-8453-0B5FC62546D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji1:*:*:*:*:*:*:*",
"matchCriteriaId": "19AAE85B-A2E3-4758-9DAF-B4BD7C667DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji3:*:*:*:*:*:*:*",
"matchCriteriaId": "1658FFCF-7433-4AFB-9D59-BD6CC14A4D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CA6116-2C6B-431B-BA88-63B180A00DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji5:*:*:*:*:*:*:*",
"matchCriteriaId": "C2377350-7B69-4C49-889A-D63A3E4C1002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ji6:*:*:*:*:*:*:*",
"matchCriteriaId": "2913C352-E21F-4ECE-8A13-BA21CC00D02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jj:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD90F4A-2A86-4A98-A157-D93C382717A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jj1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FB2D76-9BE1-4C39-A3B0-BD6F45E20E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk:*:*:*:*:*:*:*",
"matchCriteriaId": "1739E9AD-154D-40C2-A761-F7133BC06C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA700809-C25D-49F8-B930-7459F8AE9DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk1t:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEB7B3E-4E91-477F-BD62-9A28578CCA80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk2:*:*:*:*:*:*:*",
"matchCriteriaId": "58C5D255-C0FE-47E6-A920-3539306F9845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk2a:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8DF3B4-A424-4B70-9116-28E2C4DFB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk3:*:*:*:*:*:*:*",
"matchCriteriaId": "4677B840-6636-4D8C-9E1C-47FEB8F3116A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk4:*:*:*:*:*:*:*",
"matchCriteriaId": "917D5477-E47E-4A01-979A-C9A0993BE34B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk5:*:*:*:*:*:*:*",
"matchCriteriaId": "09EC7701-3B46-4CFE-9EE5-2EA393D5A6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk6:*:*:*:*:*:*:*",
"matchCriteriaId": "4E18F8C6-E592-4507-8B93-E9AEA5C12CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk7:*:*:*:*:*:*:*",
"matchCriteriaId": "5F9881DB-6F66-41D6-8AEE-7DAE4FFF42E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk8:*:*:*:*:*:*:*",
"matchCriteriaId": "F80E00B5-6C40-4DB1-8C6D-4B90D968C5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk8a:*:*:*:*:*:*:*",
"matchCriteriaId": "4726B615-ED6B-42ED-9E7B-7161293AC439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk8b:*:*:*:*:*:*:*",
"matchCriteriaId": "6690746A-4F0B-40CC-BD38-C9F2046A16D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk9:*:*:*:*:*:*:*",
"matchCriteriaId": "603287B7-170D-4233-B6E7-0E5AA489275D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk10:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E324F1-4F76-403D-A98C-49C015CBC538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jk11:*:*:*:*:*:*:*",
"matchCriteriaId": "24E99B6F-4810-4493-B5E6-35514525F614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn3:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBD0947-656E-4CB0-9B4F-1A1F7AA360C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn4:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D6C6EE-CFD9-49A9-8784-498560847737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn7:*:*:*:*:*:*:*",
"matchCriteriaId": "FFEE60A6-9E75-4B20-A06D-411E774511B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn8:*:*:*:*:*:*:*",
"matchCriteriaId": "1451BB33-6BE0-4F4A-A193-14E13DECEE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn9:*:*:*:*:*:*:*",
"matchCriteriaId": "5F0FC09E-8C60-4EAC-B729-3BE3524E6F08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC3CD43-F30A-484B-9285-D925C1262212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb1:*:*:*:*:*:*:*",
"matchCriteriaId": "F807A36A-9363-40F1-9B20-E5C4D503EB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb2:*:*:*:*:*:*:*",
"matchCriteriaId": "5200C1CD-DEAB-44FD-970D-098F3E01F36B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8E71841-512D-483C-A911-86EA745AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb4:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB655C5-2D7B-4ED5-89D6-4ED613CF3934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb5:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE556AB-093C-4992-8F5B-F240526AAA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb6:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA0BCD1-4E75-4F39-B960-4B6B1B357442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc:*:*:*:*:*:*:*",
"matchCriteriaId": "F17F3285-80E8-4BE5-8704-3379CF326601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc1:*:*:*:*:*:*:*",
"matchCriteriaId": "9669DF61-DDC5-498D-906A-494D56BAE450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc4:*:*:*:*:*:*:*",
"matchCriteriaId": "571ECF0D-06C6-4371-891C-FB68A3093F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnd:*:*:*:*:*:*:*",
"matchCriteriaId": "8A38CF1F-37D9-4CBD-8B98-C24637FF7F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnd1:*:*:*:*:*:*:*",
"matchCriteriaId": "0886F6DC-C590-48A0-BE27-6CD778EB37FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnd2:*:*:*:*:*:*:*",
"matchCriteriaId": "8552242D-0A93-4841-83F9-EA4D7F58938E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnd3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0667D1-B4EC-4FF0-AC5D-9C1B04D84099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnp:*:*:*:*:*:*:*",
"matchCriteriaId": "F45D0EFD-784A-4CDB-8FDB-41F6869B4735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnp1:*:*:*:*:*:*:*",
"matchCriteriaId": "942CC01D-ED6E-4731-A61B-75CDF219F760",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnp3:*:*:*:*:*:*:*",
"matchCriteriaId": "59CA018E-5160-40AE-953D-9559F23D2EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpb:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA595EF-8718-4477-8EEC-EA948C14F091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpb1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CDCADB1-EA01-41AF-9D96-A6EDE42D7A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc:*:*:*:*:*:*:*",
"matchCriteriaId": "13763901-2D7B-485D-A957-E30587BCEB88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B213166-77E2-4E13-8769-FA8AF6EEC33A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3C0371-223A-433C-B8A3-C24A499EB82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc3:*:*:*:*:*:*:*",
"matchCriteriaId": "A066A001-830B-4407-A5CD-AB99059C190E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc5:*:*:*:*:*:*:*",
"matchCriteriaId": "83B45095-526D-4BC5-A16B-6B5741F07FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpd:*:*:*:*:*:*:*",
"matchCriteriaId": "C4A9F7DF-BB18-46FC-B471-3FC41F4CCD01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A2E770-2D7A-4A09-AE89-B58F01FDE1B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi1t:*:*:*:*:*:*:*",
"matchCriteriaId": "B6546067-A0AD-4BCB-8519-1DF018EBF804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE13E73-F2E2-4F8D-B236-940C74335E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi5:*:*:*:*:*:*:*",
"matchCriteriaId": "5E08CCB1-054E-4ABB-8A68-5DC5D8464ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi6a:*:*:*:*:*:*:*",
"matchCriteriaId": "E790F111-F2C4-4898-BC24-D09C213F62DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi7:*:*:*:*:*:*:*",
"matchCriteriaId": "92A0E2C0-519E-4DFA-897E-DF5DE59434A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi8a:*:*:*:*:*:*:*",
"matchCriteriaId": "00D510BB-FB26-4991-BCB7-9E79EBD195A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi9:*:*:*:*:*:*:*",
"matchCriteriaId": "C1AADEEE-6B71-4A4E-B33D-BEA65B9CB0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpi10:*:*:*:*:*:*:*",
"matchCriteriaId": "52CE3939-470F-47B8-8C2D-AF5F109FC971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3BF63D2-734D-41F4-8FE0-7F07F482AA6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj2t:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4E1437-2511-40ED-848A-FFE4542D8B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj3:*:*:*:*:*:*:*",
"matchCriteriaId": "568E1EE8-78E7-4E24-88D1-9D42DE500F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj3a:*:*:*:*:*:*:*",
"matchCriteriaId": "37F71B84-9188-4333-95B1-0801F03BC496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj4:*:*:*:*:*:*:*",
"matchCriteriaId": "A42E49E0-08A9-49DF-B67D-537618A8881A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj5:*:*:*:*:*:*:*",
"matchCriteriaId": "806D68A3-6E80-4184-A5D7-FBA718B66BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj6:*:*:*:*:*:*:*",
"matchCriteriaId": "55BEDA52-B21D-4693-8E70-88350FDCACD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj7:*:*:*:*:*:*:*",
"matchCriteriaId": "3E2365E7-F80F-430D-8F23-04191DE26DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj7c:*:*:*:*:*:*:*",
"matchCriteriaId": "E49AB188-17B6-4C2E-BC79-D4B410F38BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj8a:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D272C6-4455-4B42-813D-900862918F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj9:*:*:*:*:*:*:*",
"matchCriteriaId": "E98F9CB3-F6D1-484A-B6CF-7C7FD78AEC04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj10:*:*:*:*:*:*:*",
"matchCriteriaId": "905019E4-5C39-43C6-987F-722E3B08D15F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpj11:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB14CD5-5085-4859-8E88-67B6F4A4ACA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6F2D03-4959-4AF3-ABEC-77751C40A2DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5AE65B-2974-47D5-9023-AA1FB2031DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk2:*:*:*:*:*:*:*",
"matchCriteriaId": "35B2299C-0303-4E0B-B194-7404F8C7FF96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk3:*:*:*:*:*:*:*",
"matchCriteriaId": "27DFB3D9-013F-45B9-8E03-2CA8EF23A05F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk4:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDACFAF-95E5-420F-B546-CD4CCCBF3743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk5:*:*:*:*:*:*:*",
"matchCriteriaId": "98D2B2C1-8A01-4F50-A9F9-1758C9060367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk6:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7D84D9-291C-4E6C-8B67-BF51E910C812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk7:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE75D4F-AD71-4923-B00B-0EC835CC9CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA1A49E-C1BE-4BF3-A3D4-F00C12519808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpk9:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E99C3F-14E6-433E-8B4F-5A196484EE72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpl:*:*:*:*:*:*:*",
"matchCriteriaId": "618D6BE0-305A-432D-A0F1-55FD119FDC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpm:*:*:*:*:*:*:*",
"matchCriteriaId": "889E740C-2EED-4C9F-A532-0B13D257CE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpn:*:*:*:*:*:*:*",
"matchCriteriaId": "F605F3D7-F81A-406C-8846-A4174688A803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpn1:*:*:*:*:*:*:*",
"matchCriteriaId": "32AE012B-3E8D-4DA2-8D9A-FACBE23F4E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpn2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7E6D57-FDA9-48B8-8193-C205C1D88369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpn3:*:*:*:*:*:*:*",
"matchCriteriaId": "D040F774-2BCD-4093-B340-3D1D983AF0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpn4:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9E7FF5-3647-4FD2-AB0F-4092786BE7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpn5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A7267E3-F70A-492F-85E6-12F4AC6D38AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpn6:*:*:*:*:*:*:*",
"matchCriteriaId": "F5830929-5087-450B-AB3E-F1E03828C4FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpo:*:*:*:*:*:*:*",
"matchCriteriaId": "EC346170-9412-4CA5-9BE2-73F72C81A24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpp:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1EA81C-A137-41A2-89AF-174E233AAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpq:*:*:*:*:*:*:*",
"matchCriteriaId": "58BEC384-3525-4BE2-AC0B-E2718387B77E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpq1:*:*:*:*:*:*:*",
"matchCriteriaId": "A89EC5B6-C9F6-41BB-95DB-663D0121BBA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpq2:*:*:*:*:*:*:*",
"matchCriteriaId": "967AF15C-411D-4BB9-906E-38D74D02F82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpq3:*:*:*:*:*:*:*",
"matchCriteriaId": "73487EBB-9EB4-4048-B0C8-964D0BE330E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpq4:*:*:*:*:*:*:*",
"matchCriteriaId": "2992B552-AB8C-4D7E-AAAD-F28586BF8FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpq5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD00E777-723E-42D5-AE2E-67B08603BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpr:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB21DC4-1946-44E0-BAAE-78255BFAEA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jps:*:*:*:*:*:*:*",
"matchCriteriaId": "60B75123-1D99-487A-B9EE-5F4411AF845E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpt:*:*:*:*:*:*:*",
"matchCriteriaId": "89BED107-3A18-4F09-BF8A-B712F9DE8B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpt1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAFF110-4F3D-4FF5-95B8-16CACA58DC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jpt2:*:*:*:*:*:*:*",
"matchCriteriaId": "E517D85B-CD2E-4132-A019-5C7176C72117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0A47B7-5AD3-4B4C-A2FD-4EE0381B3FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "499C6196-2D34-4312-9C3E-B1A6E8D21112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "A12F00E7-8134-4CF4-ACD3-1E7E6F1C6332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "9B828AA0-E0B2-4897-AF28-FC80B9FF81BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "9279A96A-43B2-4FD4-97F0-DA331EACF918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "3479B06E-1B67-4399-BA3A-E02331E21BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "7855CC38-5E3E-486D-9322-7BF0DC1FF623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "496E2D60-AEEF-4D34-ABE4-9A9B101643D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "A740BDE4-B65E-4F6F-BAB7-BBA64567EC79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m8a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F391FDE-A48C-4F59-BC6F-7880B234E3A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "E10916E9-6105-46F9-993D-F09C223003B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m10:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2E9E28-64F4-469C-8F01-FC2290B57106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)cg:*:*:*:*:*:*:*",
"matchCriteriaId": "D962FBA3-CE59-401B-9451-45001775BA66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)cg1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13F2837-174B-4437-BF3F-CB6BFBF8F64D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "4220D3B1-BD05-4169-91BA-B1AA45084C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "84BAF351-4C7F-44F8-812E-9C402CBBB5FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy2:*:*:*:*:*:*:*",
"matchCriteriaId": "0595F3D8-8D99-4C82-9EC1-1187C52A6740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy3:*:*:*:*:*:*:*",
"matchCriteriaId": "662ACAD0-7E80-4CB5-8409-03E72A3C59D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)sy4:*:*:*:*:*:*:*",
"matchCriteriaId": "A43EE852-5F22-4387-8332-A12FF3306210",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B856BB-0FFE-4A92-9CE7-D71B6C611CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EE552E-226C-46DE-9861-CB148AD8FB44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF02C8E-9BB2-4DC2-8BF1-932835191F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1B86D1-344A-470D-8A35-BD8A9ABE9D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5AC88EB-7A67-4CDE-9C69-94734966E677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)cg:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8E0069-21AB-497F-9F4C-6F7C041BA0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "74E1226B-46CF-4C82-911A-86C818A75DFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "100DA24F-464E-4273-83DF-6428D0ED6641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "063C0C47-25EB-4AA4-9332-8E43CD60FF39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6004A94-FF96-4A34-B3CC-D4B4E555CFB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "02866AED-A1B4-4D89-A11F-27089EF935BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "9613EE90-A90A-4817-A5A1-F78A9F3BA571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "87A96A92-02E7-440C-9E46-0FBE8CE75E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "03F1AEF3-08BD-4CC0-A36A-D26D550853E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD9FF45-C8C2-42E2-B329-48C037A10521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "36CBB93A-A8C8-477E-B530-B0058C3D15B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "6465E3DA-90F0-4DD6-82B1-C9DF9FAEBDD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "346BD6D0-AAF2-4C9A-8DD3-8C710302DCA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5B7053-7F9C-432C-B6F1-DAC00B0C9619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D029D52-65E5-4129-AB47-E873F53799CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy4:*:*:*:*:*:*:*",
"matchCriteriaId": "31605A68-9398-4239-A137-DD0516BD2660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy5:*:*:*:*:*:*:*",
"matchCriteriaId": "727E596A-295D-4D70-810A-436FC6A4415D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy6:*:*:*:*:*:*:*",
"matchCriteriaId": "368210A0-CC15-4FB9-8334-4ED475523C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy7:*:*:*:*:*:*:*",
"matchCriteriaId": "D37EF429-EE6B-4A72-9D76-4FC1E6E19E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy8:*:*:*:*:*:*:*",
"matchCriteriaId": "9969CCF7-EAD0-4BEA-BCDB-F22A1E0C7C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy9:*:*:*:*:*:*:*",
"matchCriteriaId": "1C258F34-C557-4586-A8D0-590EC37E252E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy10:*:*:*:*:*:*:*",
"matchCriteriaId": "AD456B15-1AFC-470A-9750-E6D152869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy11:*:*:*:*:*:*:*",
"matchCriteriaId": "3B940A51-E9B1-430B-A732-F1B65F54CD2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy12:*:*:*:*:*:*:*",
"matchCriteriaId": "A93140A3-E0C8-4817-802A-27CBFCD40A65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy13:*:*:*:*:*:*:*",
"matchCriteriaId": "A0EE8DB0-15BE-4A3A-B4B2-1C1EAC0AD6ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy14:*:*:*:*:*:*:*",
"matchCriteriaId": "9A643053-8500-4805-84E4-4FB583C0D4F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)sy15:*:*:*:*:*:*:*",
"matchCriteriaId": "A9B05AEB-5455-4854-ABA5-35BABC07F4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "59F21FEC-A536-45CB-9AE5-61CE45EAD1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "0340EC20-7099-4F13-8DE6-84475B2A52CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "6994F100-864F-4512-9141-F7D1050F9DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0CC364-FF3A-4FB3-8004-6628400BC7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "67A1BC08-28AF-4583-BE21-0D85CA2D7B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "3A259566-AA04-4DE8-900D-865384E56C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF70F3C-FAC8-4691-AF95-1B5B828A9D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF08E7CE-DE01-43B2-A9F0-1CE657E79260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC500D08-0DE1-4AA8-AE97-0CF17A706430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "E86EA2EC-7FEA-4AE8-8CE0-45CA3C21B943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4E00DF-60FD-48F2-A69A-D709A5657F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F5D3761-16C8-413A-89AD-C076B9B92FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "F690BEC9-FAE9-4C02-9993-34BF14FA99EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA314F-8C89-4D6C-A6B6-3E9247A35B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B8565B-3EE6-48DC-AE92-9F16AFFC509C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "716EC9AA-0569-4FA7-A244-1A14FA15C5AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "39166A66-859D-43A7-9947-3F3C32FBFAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "097D1950-6159-45A2-8653-D3F90044D0C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "F421AC3C-B0BC-4177-ACDB-87792C1636EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "09CD336D-1110-4B0C-B8D4-7C96293CBADE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "47C580D9-A2EC-4CBB-87F5-1F5CBA23F73F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4a:*:*:*:*:*:*:*",
"matchCriteriaId": "3C427BA8-3A8C-4934-997B-6DDF9CEB96AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "C7809674-4738-463E-B522-FC6C419E2A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD51F00-C219-439F-918E-9AF20A6E053A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m6a:*:*:*:*:*:*:*",
"matchCriteriaId": "57BCB671-7ED0-43D5-894F-8B3DBF44E68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "D4802BC7-F326-4F6E-9C74-04032FF35FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDE3BCF-B518-47B0-BD3B-0B75515771E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "1A5C9BF5-0C29-4B50-9A86-29F0ECD44F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m10:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B0621A-D7A2-415B-91ED-674F2FB4227B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "1194A7BD-CB51-42CD-96E6-9ACF126DD8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s0a:*:*:*:*:*:*:*",
"matchCriteriaId": "CB52603C-CED4-4330-BB53-DDDFEA83882A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "F40A87C1-5EDB-4B50-84CF-729F5037E870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BFDBE4-7AD9-418F-8DA5-F97BB37E46BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "42C9B84C-F9DC-4F9E-82F2-04004D539C36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E246B9E-F93F-4BB2-9BA4-438FCC4A711B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE884ADE-FD51-4F10-89A8-D871E7407C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "B00BF54E-CBFB-4ECD-9EDF-0A8331AF2BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC22B2CD-5154-4055-A6A7-4C31B84B032B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s6a:*:*:*:*:*:*:*",
"matchCriteriaId": "10082A46-7AD3-4533-9A15-267953D9E642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s6b:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED8D1FE-5880-484E-810B-B1CDC2C9F7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s7:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADD1575-BB35-40CE-8452-3D34E25995B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s8:*:*:*:*:*:*:*",
"matchCriteriaId": "67FE59A3-5BA1-4C68-8959-A5B0CA61CDB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s9:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B02867-F082-4A57-9E2E-12B0F4C77526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s9a:*:*:*:*:*:*:*",
"matchCriteriaId": "E8389200-0585-456E-8D0B-D725266ADBBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s10:*:*:*:*:*:*:*",
"matchCriteriaId": "EFEF03FA-FBF2-477F-A5E2-67F47610897A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)sn:*:*:*:*:*:*:*",
"matchCriteriaId": "C84498B4-7002-44D1-B2B7-B43F3081D258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "0F61B07A-7933-476F-951A-AD0019D2443D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "41939712-5075-4924-ABF2-467430B37197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CBC8C7-E3B2-4659-9B47-C0F16817F46A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC59C3E-A2A4-4A1A-B561-E411D7DE85E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "945363EE-FE7A-44ED-A4A0-942A1F9B2702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "5E25B3DC-B9A7-4DFC-8566-3F790F460DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t0a:*:*:*:*:*:*:*",
"matchCriteriaId": "679DCA8C-F64B-4716-BCC9-9C461A89CB29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "EF662E36-0831-4892-850F-844B0E0B54DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E71F49D-E405-4AB4-9188-DA7B338DFD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "204B0A52-F6AB-406B-B46D-E92F2D7D87F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "700D0D31-138B-4F9A-8C76-3AF8B9D2C59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "B843CEE5-4D53-414D-95C7-4BA515818E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB5DABC-4DAF-4696-A8AE-D4B6B188B9EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "72480900-6E08-425F-965D-143B348E374A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "1EBA0926-E790-4B1C-A549-5B7D2F040E5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sn:*:*:*:*:*:*:*",
"matchCriteriaId": "12D439A6-E8A8-4389-A7C8-2F4BCB7C3854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp:*:*:*:*:*:*:*",
"matchCriteriaId": "4E903D9F-530D-4597-ABA9-4C1CFB79814B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE10B51-53FB-4F30-BAA0-0BD92C3D5C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "5060BAEA-DF8F-4B85-84F5-1410FD45C733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp3:*:*:*:*:*:*:*",
"matchCriteriaId": "CB56857D-029C-4DA8-B439-F1B89EA32074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F91AC2D-86F7-4618-A31B-DE081D4C21BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp5:*:*:*:*:*:*:*",
"matchCriteriaId": "D25B94F9-F10F-47CE-8340-CE56E7ED31E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C32C536-640C-468D-872F-442697DB9EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp7:*:*:*:*:*:*:*",
"matchCriteriaId": "38DE4F33-A677-4848-BB33-10C4A4655735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp8:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0A4820-F737-4A3A-8A08-E2C3EE6F6E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)sp9:*:*:*:*:*:*:*",
"matchCriteriaId": "0894FC09-880C-44D5-B67D-81C92D96D790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "09578DDF-5D13-47C1-9BD1-A1A8B9B0C87D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBF8B70-DFBE-4F6E-83F0-171F03E97606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA55D660-66C6-4278-8C27-25DB2712CC1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "5609B342-D98E-4850-A0FE-810699A80A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "8320F23D-F6BE-405B-B645-1CEB984E8267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE2670E-8C17-448D-A5BD-5A4FBCAEC35A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C5C705-6A8C-4834-9D24-CFE26A232C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1b:*:*:*:*:*:*:*",
"matchCriteriaId": "CC270E40-CABA-44B4-B4DD-E9C47A97770B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1DB8C1-7F7D-4562-A317-87E925CAD524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1887D9-E339-4DC6-BE24-A5FF15438B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB2645F-C3BF-458F-9D07-6D66E1953730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2303A3-CAF1-4DBA-BB6E-F205C23DCE6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "686FD45C-7722-4D98-A6D7-C36CAC56A4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "871E33AC-B469-47BA-9317-DC9E3E9BF5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4091CAC-BFAA-404C-A827-4DA9EADDF621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6a:*:*:*:*:*:*:*",
"matchCriteriaId": "E0DA9FCA-4166-4084-96AF-E82CC4A4DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6b:*:*:*:*:*:*:*",
"matchCriteriaId": "369A99E0-3451-41D1-8C56-5352EA689950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "33D4A7FA-E4E0-49C2-97FD-A547A1612F75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0B918F-A28C-4B5A-A566-6E588B4F6696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "436114F2-D906-4469-99C4-10B75253B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8A00BF-4522-467B-A96E-5C33623DCA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A434E7-B27C-4663-BE83-39A650D22D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "47C106CF-CBD3-4630-8E77-EDB1643F97E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB7943-5CE1-44F6-B093-5EA65BF71A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "64404B00-4956-47B8-ACDB-88E365E97212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE6A696-5CBC-4552-A54E-55C21BC74D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4a:*:*:*:*:*:*:*",
"matchCriteriaId": "41237041-1D82-4C6C-BF48-ECEDF9DB08C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4b:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB72CA3-088E-4EFE-BE1C-190C64101851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA584AC4-96AB-4026-84DF-F44F3B97F7E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "22EB41FD-4DE2-4753-A18C-C877B81B51D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "158EDE62-04C9-471B-B243-309D49583E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "D8609F10-2B43-4BDC-AAF1-80D589910EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "270A1FF4-8541-4026-AE2D-7D500DC401E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "5A58C01B-459E-432F-A49F-68EC45EE6E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DFE673-9A5E-4369-A7BB-3DE7F8E503C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m0b:*:*:*:*:*:*:*",
"matchCriteriaId": "4125EE35-ED52-4350-A4CE-E90EA8ED6BAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "56AD5BA0-4D08-4A92-88BE-60AF29BC35CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m1a:*:*:*:*:*:*:*",
"matchCriteriaId": "2881C5EA-0AC7-4074-A4FD-9FA33E3F60A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "198FF520-7631-49D9-B8A8-2E64F6237CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "94E067E8-552B-4691-9F6A-C5E8766287BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4162EC-90DE-4194-8ABC-55CCB8C24FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3a:*:*:*:*:*:*:*",
"matchCriteriaId": "405CC56E-574F-4983-B492-C8811FAF06E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3b:*:*:*:*:*:*:*",
"matchCriteriaId": "B1829074-66F9-4B3B-A084-B88D838CFC44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "6715A135-61A7-4E56-948D-8A8D5F7C98C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C836C26-DBC1-42CB-9B73-9F248D4F2B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC4602-D1F5-4843-991A-2903C8336251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "7BCCD64D-D73C-45FE-B49C-F79E23431B37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "7561E37E-E7B9-419F-949F-B8EF52DF00DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAF397C-C67F-488A-8346-CF37F9B7305C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFE8A85-7F63-4E4C-A3FE-7B7E27AD1DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "0807458A-2453-4575-AE19-0DE15E04B88C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA0A0E0-A9D8-4FC3-88BD-FA0E7290A9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1AF57E-79E9-40F2-817A-5E7D2760F1E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF9CEA3-054B-4469-A10F-DFCB9057E5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8313597-49A9-4918-B8D5-8E53C5C9AFAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3a:*:*:*:*:*:*:*",
"matchCriteriaId": "31D6B0E4-92F1-42FD-92DA-887D3D38CEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3b:*:*:*:*:*:*:*",
"matchCriteriaId": "13C6DA27-2445-4850-B0EF-82EE8C01C0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "63BEFCC8-CC04-4C41-B31A-BF01E40FA1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
"matchCriteriaId": "F0E473CF-FE4B-4DBE-9EBE-337AE415FA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "730D29C4-2BC5-478C-AAFD-E8CF598A5CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CCCEF9-1956-41BA-8E82-925BA98A4874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0F9F49-F517-4646-B94B-A0BF4F9D6315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A31DB6-3A66-408C-8E36-2E4EE7C62E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "68A9E030-2999-4881-8EDE-4F6DED01DD43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m7a:*:*:*:*:*:*:*",
"matchCriteriaId": "98368F1D-5B9E-4A8A-B210-227FA95A555A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "CC217770-5C14-4492-A41A-B46350A529F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m8b:*:*:*:*:*:*:*",
"matchCriteriaId": "0D399E4E-3C90-4E74-8921-BB19FB5B64F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "3209BA66-72D4-4CC9-9176-02E14F9553ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m10:*:*:*:*:*:*:*",
"matchCriteriaId": "543B26D7-9950-4B3E-A189-2F6DE5756C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m11:*:*:*:*:*:*:*",
"matchCriteriaId": "DB3533E7-489E-4775-9CB2-2C545BA3EE63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:\r\n\r \r An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. \r An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. \r \r An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. \r\n\r This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.\r\n\r Note: This vulnerability affects all versions of SNMP."
}
],
"id": "CVE-2025-20352",
"lastModified": "2025-10-01T13:51:39.657",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2025-09-24T18:15:36.930",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory",
"Mitigation"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 20:15
Modified
2024-11-21 05:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | - | |
| cisco | sd-wan_firmware | 18.3.5 | |
| cisco | sd-wan_firmware | 18.3.8 | |
| cisco | sd-wan_firmware | 18.4.1 | |
| cisco | sd-wan_firmware | 18.4.4 | |
| cisco | sd-wan_firmware | 18.4.5 | |
| cisco | sd-wan_firmware | 19.2.0 | |
| cisco | sd-wan_firmware | 19.2.1 | |
| cisco | sd-wan_firmware | 19.2.2 | |
| cisco | sd-wan_firmware | 19.2.99 | |
| cisco | sd-wan_firmware | 20.1.0 | |
| cisco | sd-wan_vsmart_controller_firmware | * | |
| cisco | vedge_100_router | - | |
| cisco | vedge_1000_router | - | |
| cisco | vedge_100b_router | - | |
| cisco | vedge_100m_router | - | |
| cisco | vedge_100wm_router | - | |
| cisco | vedge_2000_router | - | |
| cisco | vedge_5000_router | - | |
| cisco | vedge_cloud_router | - | |
| cisco | catalyst_sd-wan_manager | - | |
| cisco | sd-wan_vbond_orchestrator | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30EE0731-351C-4889-8335-3E7E7955A385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBD6FD9-84EE-416C-B77D-843D2FAAF1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0015FD1E-1BCD-40AB-8C21-264AB9F6E123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C9F1DA-0527-4442-B0B4-4467960D30C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0717AEB4-93B0-47F5-9F1B-153A519AD2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0065B109-5020-48AE-B10F-3452444748C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C535AB3-DCCE-4CFB-8479-08550552E863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C2CBB8-7296-4549-B98C-D39FA1D35E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B74606C6-B292-4D23-8652-5CF49BDD8369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los productos Cisco SD-WAN, podr\u00edan permitir a un atacante no autenticado remoto ejecutar ataques de denegaci\u00f3n de servicio (DoS) contra un dispositivo afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1274",
"lastModified": "2024-11-21T05:43:58.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T20:15:15.970",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | sd-wan_vbond_orchestrator | * | |
| cisco | sd-wan_vmanage | * | |
| cisco | sd-wan_vsmart_controller | * | |
| cisco | ios_xe_sd-wan | * | |
| cisco | sd-wan | * | |
| cisco | 1100-4g_integrated_services_router | - | |
| cisco | 1100-6g_integrated_services_router | - | |
| cisco | 1100_integrated_services_router | - | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3970BA7-2CD6-4DC1-BEBC-03662C88DA94",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3197B1-2306-4B0B-96A2-52BB369EE79C",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12016C30-65D9-4508-B138-0F612736CBF2",
"versionEndExcluding": "18.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "052AA171-9B26-4D76-ADA5-1984759AEFB6",
"versionEndExcluding": "16.10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A94AB84-87A9-47FB-B3CB-55282536B006",
"versionEndExcluding": "18.4.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco IOS XE SD-WAN independiente y del software Cisco SD-WAN podr\u00eda permitir a un atacante local autenticado eliminar archivos arbitrarios del sistema de archivos de un dispositivo afectado. Esta vulnerabilidad es debido a una insuficiente comprobaci\u00f3n de entradas. Un atacante podr\u00eda explotar esta vulnerabilidad al inyectar informaci\u00f3n de ruta de archivos arbitraria cuando son usados comandos en la CLI de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante eliminar archivos arbitrarios del sistema de archivos del dispositivo afectado"
}
],
"id": "CVE-2022-20850",
"lastModified": "2024-11-21T06:43:41.000",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-30T19:15:12.543",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 21:15
Modified
2024-11-21 05:44
Severity ?
6.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71230E92-DE87-42D4-9382-C7AF488E22B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "237136F5-5A1B-4033-8B7C-CDAD66AF25DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el control de acceso basado en roles del Software Cisco IOS XE SD-WAN, podr\u00eda permitir a un atacante local autenticado con privilegios de solo lectura obtener privilegios administrativos utilizando el puerto de la consola cuando el dispositivo est\u00e1 en la configuraci\u00f3n SD-WAN predeterminada.\u0026#xa0;Esta vulnerabilidad ocurre porque se aplica la configuraci\u00f3n predeterminada para la autenticaci\u00f3n y autorizaci\u00f3n de la consola.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad si se conecta al puerto de la consola y se autentica como usuario de solo lectura.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un usuario con permisos de solo lectura acceder a privilegios administrativos"
}
],
"id": "CVE-2021-1371",
"lastModified": "2024-11-21T05:44:12.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T21:15:11.833",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2108544A-5C67-483F-926E-0830CC7808FA",
"versionEndIncluding": "17.2.1r",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:422_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03A273EE-41C1-41E9-9002-46F83FC6533F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B7C13F-46C5-460A-A6C9-3837A28A0CE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series_route_processor_\\(rp2\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "C02F9303-F9DF-4166-AB4B-8C26B9FAD109",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1000_series_route_processor_\\(rp3\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "372CB4D6-BB22-4521-9C18-C0A663717168",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco IOS XE SD-WAN Software podr\u00eda permitir a un atacante local autenticado inyectar comandos arbitrarios para ejecutarlos con privilegios de nivel de root en el sistema operativo subyacente. Esta vulnerabilidad es debido a una insuficiente comprobaci\u00f3n de entrada en determinados comandos de la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad al autenticarse en un dispositivo afectado y enviando entradas dise\u00f1adas a la CLI. El atacante debe estar autenticado como usuario administrativo para ejecutar los comandos afectados. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos con privilegios de nivel de root"
}
],
"id": "CVE-2021-34725",
"lastModified": "2024-11-21T06:11:03.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:19.093",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-25 17:15
Modified
2024-10-24 19:47
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "336A8630-653C-4E28-8DE1-76CDD8573980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1767AE-7D9F-4BAA-90E1-CF8314CD0B53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "26FEE2E2-DD85-4006-8895-0BDA04E8EE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CD237B-2843-4D37-87D7-AE6D1A53458A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "1B80614B-6362-45F0-B305-2F137B053DCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "47B20C7E-1C9C-4EF4-91E4-388643C4B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7966A0-D84D-47F7-AED9-D041BCDA6703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "5B306D35-4A13-4D23-8EC2-D000E8ADCDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F244E7-8EE9-4E58-83FA-EEDD3C8F792D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "5238B1D1-740D-4B37-A0CB-1B3343E55D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C945710-7DC3-43D9-9FBE-F2A1B8666C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y1:*:*:*:*:*:*:*",
"matchCriteriaId": "57CD29C9-C629-48B0-ABDD-CEC3DEB6FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51EA3EAA-A379-467E-AF9A-FCFBACAE49C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "4FC63AAF-758F-4A70-9738-96E75A0A1DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E67BE408-8DCF-491F-9EA9-E368565C1B49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CFE98A-FBA5-4837-BBD9-3C875ECEBF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36A5F20F-3F38-4FB9-B49D-28569EB1A763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2264D7-5E89-4F50-B948-FAB41D07C8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB8368D-B9F9-4679-8154-1174E140CA17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFB2CA6-8332-4E4D-BDB4-C3B770D3AD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.99sw:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7C157F-5569-4072-805F-7AF598F6B56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEBC0EB-0DBB-4530-AFC4-AA0036469656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "66D0DB87-6BB7-4FCF-BF20-6D4D48D72B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE165207-A066-44C1-B78A-6EFD80023204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF792BC-C270-4294-8E4E-71FAC3ACFCF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8577AF01-F2C7-48D3-AB0B-78BD63A60029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0D2D94-6470-4E4B-A1B1-0124F92AA793",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "70AD0EE7-90D6-446C-AF16-FA1110AC470B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0B0C1F-9D10-48E7-BE69-0143A45D3EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F380EA8-8A31-46D0-9FFD-6B6CD24C5ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE315D8-FED1-4F83-B7A6-B211E91168CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1609BF92-B0FD-4D45-8605-492C71B334A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0E7CEBF6-8D1D-40E4-9854-3A9C38ACAB86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB324BF-9415-4B70-BF11-AC20481F9FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BE462494-BC2A-420E-87C8-07170CA2D84C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "DD114AA0-3EA1-4BA0-B04A-924CBAA7DC41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4EBF2D46-7D17-43CB-B3B2-130A8C2B39B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8F04EF-2B0B-48B9-938F-58F2E9D6622D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CEF2A-3905-40AF-A582-F0D77FD48058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "227945F0-83AD-4B29-8CFE-4DE6206DBE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.13.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E54227CC-A1B1-4533-810E-E460B6E942BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\n\r Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso que clasifica el tr\u00e1fico que se dirige al componente Unified Threat Defense (UTD) del software Cisco IOS XE en modo controlador podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad existe porque UTD maneja incorrectamente ciertos paquetes cuando esos paquetes salen de un t\u00fanel IPsec SD-WAN. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico manipulado a trav\u00e9s de un t\u00fanel IPsec SD-WAN que est\u00e9 configurado en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue, lo que da como resultado una condici\u00f3n de DoS. Nota: Los t\u00faneles SD-WAN que est\u00e1n configurados con Encapsulaci\u00f3n de enrutamiento gen\u00e9rico (GRE) no se ven afectados por esta vulnerabilidad."
}
],
"id": "CVE-2024-20455",
"lastModified": "2024-10-24T19:47:49.750",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-25T17:15:16.827",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-371"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 20:15
Modified
2024-11-21 05:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | - | |
| cisco | sd-wan_firmware | 18.3.5 | |
| cisco | sd-wan_firmware | 18.3.8 | |
| cisco | sd-wan_firmware | 18.4.1 | |
| cisco | sd-wan_firmware | 18.4.4 | |
| cisco | sd-wan_firmware | 18.4.5 | |
| cisco | sd-wan_firmware | 19.2.0 | |
| cisco | sd-wan_firmware | 19.2.1 | |
| cisco | sd-wan_firmware | 19.2.2 | |
| cisco | sd-wan_firmware | 19.2.99 | |
| cisco | sd-wan_firmware | 20.1.0 | |
| cisco | sd-wan_vsmart_controller_firmware | * | |
| cisco | vedge_100_router | - | |
| cisco | vedge_1000_router | - | |
| cisco | vedge_100b_router | - | |
| cisco | vedge_100m_router | - | |
| cisco | vedge_100wm_router | - | |
| cisco | vedge_2000_router | - | |
| cisco | vedge_5000_router | - | |
| cisco | vedge_cloud_router | - | |
| cisco | catalyst_sd-wan_manager | - | |
| cisco | sd-wan_vbond_orchestrator | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30EE0731-351C-4889-8335-3E7E7955A385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4CBD6FD9-84EE-416C-B77D-843D2FAAF1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0015FD1E-1BCD-40AB-8C21-264AB9F6E123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C9F1DA-0527-4442-B0B4-4467960D30C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0717AEB4-93B0-47F5-9F1B-153A519AD2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0065B109-5020-48AE-B10F-3452444748C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C535AB3-DCCE-4CFB-8479-08550552E863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C2CBB8-7296-4549-B98C-D39FA1D35E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B74606C6-B292-4D23-8652-5CF49BDD8369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los productos Cisco SD-WAN, podr\u00edan permitir a un atacante no autenticado remoto ejecutar ataques de denegaci\u00f3n de servicio (DoS) contra un dispositivo afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1273",
"lastModified": "2024-11-21T05:43:58.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T20:15:15.923",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 20:15
Modified
2024-11-21 05:44
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | - | |
| cisco | sd-wan_firmware | * | |
| cisco | sd-wan_firmware | 20.4.0 | |
| cisco | sd-wan_vsmart_controller_firmware | * | |
| cisco | vedge_100_router | - | |
| cisco | vedge_1000_router | - | |
| cisco | vedge_100b_router | - | |
| cisco | vedge_100m_router | - | |
| cisco | vedge_100wm_router | - | |
| cisco | vedge_2000_router | - | |
| cisco | vedge_5000_router | - | |
| cisco | vedge_cloud_router | - | |
| cisco | sd-wan_vbond_orchestrator | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFA9DB8-3168-467D-8EE7-2368C072142E",
"versionEndExcluding": "20.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12CB625A-C638-414A-95F9-9E147C897C60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en la interfaz de administraci\u00f3n basada en web del Software Cisco SD-WAN vManage, podr\u00edan permitir a un atacante remoto autenticado omitir la autorizaci\u00f3n y modificar la configuraci\u00f3n de un sistema afectado, conseguir acceso a informaci\u00f3n confidencial y visualizar informaci\u00f3n para la que no est\u00e1 autorizado acceder. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1305",
"lastModified": "2024-11-21T05:44:03.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T20:15:17.207",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD5B3AB-27C2-4055-A3B7-0112D089FDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "04081A51-E08F-4114-9276-584E836181D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "62A46516-CEB7-48D4-879B-341963A1FA31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EF98FA-6DF9-4935-9639-143E08462BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECEDD9D-6517-44BA-A95F-D1D5488C0E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1C85DD-69CC-4AA8-B219-651D57FC3506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "65FC3CC1-CF4F-4A2D-A500-04395AFE8B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "D18B32E3-6B33-4E3D-879A-82E2F0BFC906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1za:*:*:*:*:*:*:*",
"matchCriteriaId": "027200FC-8AD4-47E4-A404-490AE4F997EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBFDD70-7AF3-47AE-94CA-56C19F2D6234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89369318-2E83-489F-B872-5F2E247BBF8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C87891C-B8D0-4286-B6A7-61037E1A6A54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en la CLI del Software Cisco IOS XE SD-WAN, podr\u00edan permitir a un atacante local autenticado acceder al sistema operativo subyacente con privilegios root.\u0026#xa0;Estas vulnerabilidades son debido a una comprobaci\u00f3n insuficiente de la entrada de determinados comandos de la CLI.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades al autenticarse en el dispositivo y enviar una entrada dise\u00f1ada a la CLI.\u0026#xa0;El atacante debe estar autenticado como usuario administrativo para ejecutar los comandos afectados.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante acceder al sistema operativo subyacente con privilegios root"
}
],
"id": "CVE-2021-1383",
"lastModified": "2024-11-21T05:44:13.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T20:15:13.667",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | * | |
| cisco | ios_xe_sd-wan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90E2FB2F-309B-4974-B42B-13C1B0EC34BC",
"versionEndIncluding": "17.3.1a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AD971B-2DB8-416D-B895-B1D0867C8F55",
"versionEndIncluding": "17.3.1a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco IOS XE SD-WAN Software y de Cisco IOS XE Software podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios con privilegios elevados en un dispositivo afectado. Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los argumentos que se pasan a determinados comandos de la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad al incluir una entrada maliciosa en el argumento de un comando afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios con privilegios elevados en el sistema operativo subyacente. Un atacante podr\u00eda necesitar credenciales de usuario v\u00e1lidas para explotar esta vulnerabilidad"
}
],
"id": "CVE-2021-34729",
"lastModified": "2024-11-21T06:11:04.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:19.837",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF365FC4-46E3-4564-9F25-1C2FBE70057B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory."
}
],
"id": "CVE-2023-20035",
"lastModified": "2024-11-21T07:40:24.403",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-23T17:15:14.030",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-146"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-15 15:15
Modified
2025-08-01 18:22
Severity ?
Summary
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.
This vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials.
SNMP with IPv6 ACL configurations is not affected.
For more information, see the section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_sd-wan | 16.9.3 | |
| cisco | ios_xe_sd-wan | 16.9.4 | |
| cisco | ios_xe_sd-wan | 16.10.1 | |
| cisco | ios_xe_sd-wan | 16.10.2 | |
| cisco | ios_xe_sd-wan | 16.10.3 | |
| cisco | ios_xe_sd-wan | 16.10.3a | |
| cisco | ios_xe_sd-wan | 16.10.3b | |
| cisco | ios_xe_sd-wan | 16.10.4 | |
| cisco | ios_xe_sd-wan | 16.10.5 | |
| cisco | ios_xe_sd-wan | 16.10.6 | |
| cisco | ios_xe_sd-wan | 16.11.1 | |
| cisco | ios_xe_sd-wan | 16.11.1a | |
| cisco | ios_xe_sd-wan | 16.11.1b | |
| cisco | ios_xe_sd-wan | 16.11.1d | |
| cisco | ios_xe_sd-wan | 16.11.1f | |
| cisco | ios_xe_sd-wan | 16.11.1s | |
| cisco | ios_xe_sd-wan | 16.12.1 | |
| cisco | ios_xe_sd-wan | 16.12.3 | |
| cisco | ios_xe_sd-wan | 16.12.4 | |
| cisco | ios_xe_sd-wan | 16.12.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD04C1FB-F8F8-486A-9E2F-EB01856B1C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "156D51A0-506C-47FD-BF45-955C1B881976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23468BBF-F5AB-4924-A084-F065BB02BF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A03544C9-6037-4D88-8D0E-513DFCB4CC13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B681843-64AE-4987-B94A-DD9A915846CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "C022D72E-D7E5-4910-8D0A-D488348D10D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.3b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F49E6EE-95D6-4419-BDC7-274F30C53886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B56C494-9925-46DE-B1FA-3D1C46093F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BA375C35-61CC-4123-967C-1E4B40673D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C32EAF-90A1-4391-B82D-A1F8E6A83E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0350E16B-1FEF-4D4F-B520-B53EA3DA29A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA58A8E-D63E-4276-BB92-35B7F4D2760E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "90EBD3C8-5749-4EB7-976F-8749A44E483A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCC3D6A-BE62-45AA-BCDB-B8437D841BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0E839C-B7D5-4201-9052-0CC0BD925E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9044701-2609-4E70-BA19-DB4831FCFD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AC209-B78A-48F3-BC3B-C1F04CA19B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "85FE74B7-E21A-4E99-BD60-37BC4C10BD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A81BD856-D376-46EA-9C6E-48DA6C5EA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:16.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89E31772-E8D3-4BC8-B337-B33BCAC4C750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.\u0026nbsp;\r\n\r\nThis vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials.\r\nSNMP with IPv6 ACL configurations is not affected.\r\nFor more information, see the section of this advisory."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de la caracter\u00edstica de lista de control de acceso (ACL) IPv4 del Protocolo simple de administraci\u00f3n de redes (SNMP) de Cisco IOS Software y Cisco IOS XE Software podr\u00eda permitir que un atacante remoto no autenticado realice un sondeo SNMP de un dispositivo afectado, incluso si est\u00e1 configurado para denegar el tr\u00e1fico SNMP. Esta vulnerabilidad existe porque Cisco IOS Software y Cisco IOS XE Software no admiten ACL IPv4 extendidas para SNMP, pero s\u00ed permiten a los administradores configurar ACL IPv4 con nombre extendidas que se adjuntan a la configuraci\u00f3n del servidor SNMP sin un mensaje de advertencia. Esto puede provocar que no se aplique ninguna ACL al proceso de escucha SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad realizando un sondeo SNMP de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante realizar operaciones SNMP que deber\u00edan denegarse. El atacante no tiene control sobre la configuraci\u00f3n de la ACL de SNMP y a\u00fan necesitar\u00eda una cadena de comunidad de SNMP versi\u00f3n 2c (SNMPv2c) v\u00e1lida o credenciales de usuario de SNMP versi\u00f3n 3 (SNMPv3). SNMP con configuraciones de ACL de IPv6 no se ve afectado. Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n de este aviso."
}
],
"id": "CVE-2024-20373",
"lastModified": "2025-08-01T18:22:14.640",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2024-11-15T15:15:06.823",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uwBXfqww"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | - | |
| cisco | ios_xe_sd-wan | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D95E8A-8F0B-44E5-B266-09E10BAAEC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en la CLI del Software Cisco IOS XE SD-WAN, podr\u00edan permitir a un atacante local autenticado acceder al sistema operativo subyacente con privilegios root.\u0026#xa0;Estas vulnerabilidades son debido a una comprobaci\u00f3n de la entrada insuficiente de determinados comandos de la CLI.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades al autenticarse en el dispositivo y enviar una entrada dise\u00f1ada a la CLI.\u0026#xa0;El atacante debe estar autenticado como usuario administrativo para ejecutar los comandos afectados.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante acceder al sistema operativo subyacente con privilegios root"
}
],
"id": "CVE-2021-1454",
"lastModified": "2024-11-21T05:44:24.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T20:15:15.697",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}