Vulnerabilites related to cisco - vedge_2000
cve-2019-16010
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:32
Severity ?
EPSS score ?
Summary
A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco vManage Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:03:32.664Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200318 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-16010", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:29:02.425299Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:32:45.849Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco vManage Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-03-18T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-19T15:35:32", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200318 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss", }, ], source: { advisory: "cisco-sa-20200318-vmanage-xss", defect: [ [ "CSCvs09263", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-03-18T16:00:00-0700", ID: "CVE-2019-16010", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco vManage Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79", }, ], }, ], }, references: { reference_data: [ { name: "20200318 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss", }, ], }, source: { advisory: "cisco-sa-20200318-vmanage-xss", defect: [ [ "CSCvs09263", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-16010", datePublished: "2020-03-19T15:35:33.014377Z", dateReserved: "2019-09-06T00:00:00", dateUpdated: "2024-11-15T17:32:45.849Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0434
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:43
Severity ?
EPSS score ?
Summary
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/105294 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:28:10.336Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20180905 Cisco SD-WAN Solution Certificate Validation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation", }, { name: "105294", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105294", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0434", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-25T18:51:41.912292Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-26T14:43:53.131Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-295", description: "CWE-295", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-07T09:57:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20180905 Cisco SD-WAN Solution Certificate Validation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation", }, { name: "105294", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105294", }, ], source: { advisory: "cisco-sa-20180905-sd-wan-validation", defect: [ [ "CSCvi69940", ], ], discovery: "UNKNOWN", }, title: "Cisco SD-WAN Solution Certificate Validation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2018-09-05T16:00:00-0500", ID: "CVE-2018-0434", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Certificate Validation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.", }, ], }, impact: { cvss: { baseScore: "8.1", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-295", }, ], }, ], }, references: { reference_data: [ { name: "20180905 Cisco SD-WAN Solution Certificate Validation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation", }, { name: "105294", refsource: "BID", url: "http://www.securityfocus.com/bid/105294", }, ], }, source: { advisory: "cisco-sa-20180905-sd-wan-validation", defect: [ [ "CSCvi69940", ], ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0434", datePublished: "2018-10-05T14:00:00Z", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-26T14:43:53.131Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1648
Vulnerability from cvelistv5
Published
2019-01-24 15:00
Modified
2024-11-20 17:28
Severity ?
EPSS score ?
Summary
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/106719 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:20:28.437Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190123 Cisco SD-WAN Solution Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal", }, { name: "106719", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106719", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1648", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:56:04.651892Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:28:37.180Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-01-26T10:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190123 Cisco SD-WAN Solution Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal", }, { name: "106719", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106719", }, ], source: { advisory: "cisco-sa-20190123-sdwan-sol-escal", defect: [ [ "CSCvi69985", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-01-23T16:00:00-0800", ID: "CVE-2019-1648", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20190123 Cisco SD-WAN Solution Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal", }, { name: "106719", refsource: "BID", url: "http://www.securityfocus.com/bid/106719", }, ], }, source: { advisory: "cisco-sa-20190123-sdwan-sol-escal", defect: [ [ "CSCvi69985", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1648", datePublished: "2019-01-24T15:00:00Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:28:37.180Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1514
Vulnerability from cvelistv5
Published
2021-05-06 12:50
Modified
2024-11-08 23:16
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.749Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210505 Cisco SD-WAN Software Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1514", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:43:46.352944Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:16:58.110Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-05-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-06T12:50:58", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210505 Cisco SD-WAN Software Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy", }, ], source: { advisory: "cisco-sa-sdwan-privesc-QVszVUPy", defect: [ [ "CSCvi69989", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Software Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-05-05T16:00:00", ID: "CVE-2021-1514", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Software Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.4", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20210505 Cisco SD-WAN Software Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy", }, ], }, source: { advisory: "cisco-sa-sdwan-privesc-QVszVUPy", defect: [ [ "CSCvi69989", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1514", datePublished: "2021-05-06T12:50:58.964834Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:16:58.110Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20930
Vulnerability from cvelistv5
Published
2022-09-30 18:46
Modified
2024-11-01 18:50
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vManage |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:31:57.960Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220928 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20930", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-01T18:42:16.371547Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-01T18:50:04.587Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN vManage", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-09-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-88", description: "CWE-88", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-30T18:46:47", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220928 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu", }, ], source: { advisory: "cisco-sa-sdwan-privesc-cli-xkGwmqKu", defect: [ [ "CSCvz46392", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-09-28T23:00:00", ID: "CVE-2022-20930", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN vManage", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-88", }, ], }, ], }, references: { reference_data: [ { name: "20220928 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu", }, ], }, source: { advisory: "cisco-sa-sdwan-privesc-cli-xkGwmqKu", defect: [ [ "CSCvz46392", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20930", datePublished: "2022-09-30T18:46:47.422178Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-01T18:50:04.587Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3372
Vulnerability from cvelistv5
Published
2020-07-16 17:21
Modified
2024-11-15 16:53
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vManage |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.418Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200715 Cisco SD-WAN vManage Software Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3372", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:27:16.956845Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:53:24.469Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN vManage", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-07-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-16T17:21:41", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200715 Cisco SD-WAN vManage Software Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ", }, ], source: { advisory: "cisco-sa-emvman-3y6LuTcZ", defect: [ [ "CSCvo08423", "CSCvs21703", "CSCvt69529", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN vManage Software Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-07-15T16:00:00", ID: "CVE-2020-3372", STATE: "PUBLIC", TITLE: "Cisco SD-WAN vManage Software Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN vManage", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.5", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400", }, ], }, ], }, references: { reference_data: [ { name: "20200715 Cisco SD-WAN vManage Software Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ", }, ], }, source: { advisory: "cisco-sa-emvman-3y6LuTcZ", defect: [ [ "CSCvo08423", "CSCvs21703", "CSCvt69529", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3372", datePublished: "2020-07-16T17:21:42.057524Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:53:24.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1512
Vulnerability from cvelistv5
Published
2021-05-06 12:42
Modified
2024-11-08 23:18
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.770Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210505 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1512", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:44:02.972032Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:18:51.250Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-05-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-06T12:42:11", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210505 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn", }, ], source: { advisory: "cisco-sa-sdwan-arbfile-7Qhd9mCn", defect: [ [ "CSCvs98457", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-05-05T16:00:00", ID: "CVE-2021-1512", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.4", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-552", }, ], }, ], }, references: { reference_data: [ { name: "20210505 Cisco SD-WAN Software Arbitrary File Corruption Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn", }, ], }, source: { advisory: "cisco-sa-sdwan-arbfile-7Qhd9mCn", defect: [ [ "CSCvs98457", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1512", datePublished: "2021-05-06T12:42:11.741571Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:18:51.250Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3401
Vulnerability from cvelistv5
Published
2020-07-16 17:22
Modified
2024-11-13 18:19
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vManage |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.404Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200715 Cisco SD-WAN vManage Software Path Traversal Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3401", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:25:15.911345Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:19:34.593Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN vManage", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-07-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-16T17:22:23", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200715 Cisco SD-WAN vManage Software Path Traversal Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3", }, ], source: { advisory: "cisco-sa-vmandowndir-CVGvdKM3", defect: [ [ "CSCvt74757", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN vManage Software Path Traversal Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-07-15T16:00:00", ID: "CVE-2020-3401", STATE: "PUBLIC", TITLE: "Cisco SD-WAN vManage Software Path Traversal Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN vManage", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.5", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "20200715 Cisco SD-WAN vManage Software Path Traversal Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3", }, ], }, source: { advisory: "cisco-sa-vmandowndir-CVGvdKM3", defect: [ [ "CSCvt74757", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3401", datePublished: "2020-07-16T17:22:23.560326Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:19:34.593Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1513
Vulnerability from cvelistv5
Published
2021-05-06 12:50
Modified
2024-11-08 23:17
Severity ?
EPSS score ?
Summary
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.692Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210505 Cisco SD-WAN Software vDaemon Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1513", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:01:28.542164Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:17:08.141Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-05-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-06T12:50:54", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210505 Cisco SD-WAN Software vDaemon Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW", }, ], source: { advisory: "cisco-sa-sdwan-dos-Ckn5cVqW", defect: [ [ "CSCvu28378", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Software vDaemon Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-05-05T16:00:00", ID: "CVE-2021-1513", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Software vDaemon Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.5", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20210505 Cisco SD-WAN Software vDaemon Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW", }, ], }, source: { advisory: "cisco-sa-sdwan-dos-Ckn5cVqW", defect: [ [ "CSCvu28378", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1513", datePublished: "2021-05-06T12:50:54.548142Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:17:08.141Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0432
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:44
Severity ?
EPSS score ?
Summary
A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105296 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:28:09.775Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "105296", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105296", }, { name: "20180905 Cisco SD-WAN Solution Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0432", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-25T18:51:45.638340Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-26T14:44:21.046Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-07T09:57:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "105296", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105296", }, { name: "20180905 Cisco SD-WAN Solution Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation", }, ], source: { advisory: "cisco-sa-20180905-sd-wan-escalation", defect: [ [ "CSCvi69801", ], ], discovery: "UNKNOWN", }, title: "Cisco SD-WAN Solution Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2018-09-05T16:00:00-0500", ID: "CVE-2018-0432", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.", }, ], }, impact: { cvss: { baseScore: "8.8", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "105296", refsource: "BID", url: "http://www.securityfocus.com/bid/105296", }, { name: "20180905 Cisco SD-WAN Solution Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation", }, ], }, source: { advisory: "cisco-sa-20180905-sd-wan-escalation", defect: [ [ "CSCvi69801", ], ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0432", datePublished: "2018-10-05T14:00:00Z", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-26T14:44:21.046Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3266
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:33
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.438Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200318 Cisco SD-WAN Solution Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3266", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:50.405708Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:33:53.790Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-03-18T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-19T15:35:12", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200318 Cisco SD-WAN Solution Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v", }, ], source: { advisory: "cisco-sa-sdwclici-cvrQpH9v", defect: [ [ "CSCvs47126", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-03-18T16:00:00-0700", ID: "CVE-2020-3266", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200318 Cisco SD-WAN Solution Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v", }, ], }, source: { advisory: "cisco-sa-sdwclici-cvrQpH9v", defect: [ [ "CSCvs47126", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3266", datePublished: "2020-03-19T15:35:12.582598Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:33:53.790Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3379
Vulnerability from cvelistv5
Published
2020-07-16 17:21
Modified
2024-11-15 16:53
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.020Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200715 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3379", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:27:14.185694Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:53:01.086Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-07-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-16T17:21:50", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200715 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC", }, ], source: { advisory: "cisco-sa-vmpresc-SyzcS4kC", defect: [ [ "CSCvi69987", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution Software Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-07-15T16:00:00", ID: "CVE-2020-3379", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Software Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.3", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20200715 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC", }, ], }, source: { advisory: "cisco-sa-vmpresc-SyzcS4kC", defect: [ [ "CSCvi69987", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3379", datePublished: "2020-07-16T17:21:51.004104Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:53:01.086Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1511
Vulnerability from cvelistv5
Published
2021-05-06 12:42
Modified
2024-11-08 23:19
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vEdge router |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.569Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1511", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:17:40.485745Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:19:01.399Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN vEdge router", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-05-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-06T12:42:07", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], source: { advisory: "cisco-sa-sdwan-buffover-MWGucjtO", defect: [ [ "CSCvt11545", "CSCvu28407", "CSCvu28442", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-05-05T16:00:00", ID: "CVE-2021-1511", STATE: "PUBLIC", TITLE: "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN vEdge router", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.5", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], }, source: { advisory: "cisco-sa-sdwan-buffover-MWGucjtO", defect: [ [ "CSCvt11545", "CSCvu28407", "CSCvu28442", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1511", datePublished: "2021-05-06T12:42:07.424396Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:19:01.399Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20850
Vulnerability from cvelistv5
Published
2022-09-30 18:46
Modified
2024-11-01 18:50
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:24:50.267Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20850", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-01T18:40:31.320155Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-01T18:50:42.028Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-09-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-30T18:46:05", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv", }, ], source: { advisory: "cisco-sa-arb-file-delete-VB2rVcQv", defect: [ [ "CSCvm25943", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Arbitrary File Deletion Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-09-28T16:00:00", ID: "CVE-2022-20850", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Arbitrary File Deletion Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.5", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv", }, ], }, source: { advisory: "cisco-sa-arb-file-delete-VB2rVcQv", defect: [ [ "CSCvm25943", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20850", datePublished: "2022-09-30T18:46:05.246074Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-01T18:50:42.028Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3264
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:33
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2 | vendor-advisory, x_refsource_CISCO | |
| https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.587Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200318 Cisco SD-WAN Solution Buffer Overflow Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3264", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:47.957877Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:33:22.406Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-03-18T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-22T15:59:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200318 Cisco SD-WAN Solution Buffer Overflow Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r", }, ], source: { advisory: "cisco-sa-sdwanbo-QKcABnS2", defect: [ [ "CSCvs47117", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution Buffer Overflow Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-03-18T16:00:00-0700", ID: "CVE-2020-3264", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Buffer Overflow Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.1", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200318 Cisco SD-WAN Solution Buffer Overflow Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2", }, { name: "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r", refsource: "MISC", url: "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r", }, ], }, source: { advisory: "cisco-sa-sdwanbo-QKcABnS2", defect: [ [ "CSCvs47117", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3264", datePublished: "2020-03-19T15:35:22.750436Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:33:22.406Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1646
Vulnerability from cvelistv5
Published
2019-01-24 15:00
Modified
2024-11-20 17:28
Severity ?
EPSS score ?
Summary
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/106723 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:20:28.433Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190123 Multiple Privilege Escalation Vulnerabilities in Cisco SD-WAN Solution", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal", }, { name: "106723", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106723", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1646", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:56:07.335389Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:28:59.001Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-01-26T10:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190123 Multiple Privilege Escalation Vulnerabilities in Cisco SD-WAN Solution", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal", }, { name: "106723", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106723", }, ], source: { advisory: "cisco-sa-20190123-sdwan-escal", defect: [ [ "CSCvm25992", "CSCvm26016", "CSCvm26025", "CSCvm26033", "CSCvm26036", ], ], discovery: "INTERNAL", }, title: "Privilege Escalation Vulnerability in Cisco SD-WAN Solution", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-01-23T16:00:00-0800", ID: "CVE-2019-1646", STATE: "PUBLIC", TITLE: "Privilege Escalation Vulnerability in Cisco SD-WAN Solution", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20190123 Multiple Privilege Escalation Vulnerabilities in Cisco SD-WAN Solution", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal", }, { name: "106723", refsource: "BID", url: "http://www.securityfocus.com/bid/106723", }, ], }, source: { advisory: "cisco-sa-20190123-sdwan-escal", defect: [ [ "CSCvm25992", "CSCvm26016", "CSCvm26025", "CSCvm26033", "CSCvm26036", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1646", datePublished: "2019-01-24T15:00:00Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:28:59.001Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0433
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:44
Severity ?
EPSS score ?
Summary
A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105295 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:28:09.813Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "105295", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105295", }, { name: "20180905 Cisco SD-WAN Solution Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0433", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-25T18:51:43.238664Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-26T14:44:07.519Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-07T09:57:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "105295", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105295", }, { name: "20180905 Cisco SD-WAN Solution Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection", }, ], source: { advisory: "cisco-sa-20180905-sd-wan-injection", defect: [ [ "CSCvi69802", "CSCvi69903", ], ], discovery: "UNKNOWN", }, title: "Cisco SD-WAN Solution Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2018-09-05T16:00:00-0500", ID: "CVE-2018-0433", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.", }, ], }, impact: { cvss: { baseScore: "7.8", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "105295", refsource: "BID", url: "http://www.securityfocus.com/bid/105295", }, { name: "20180905 Cisco SD-WAN Solution Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection", }, ], }, source: { advisory: "cisco-sa-20180905-sd-wan-injection", defect: [ [ "CSCvi69802", "CSCvi69903", ], ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0433", datePublished: "2018-10-05T14:00:00Z", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-26T14:44:07.519Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3378
Vulnerability from cvelistv5
Published
2020-07-16 17:21
Modified
2024-11-15 16:53
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vManage |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.207Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200715 Cisco SD-WAN vManage Software SQL Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3378", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:27:15.444034Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:53:12.461Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN vManage", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-07-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-16T17:21:46", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200715 Cisco SD-WAN vManage Software SQL Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O", }, ], source: { advisory: "cisco-sa-sivm-M8wugR9O", defect: [ [ "CSCvt66733", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN vManage Software SQL Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-07-15T16:00:00", ID: "CVE-2020-3378", STATE: "PUBLIC", TITLE: "Cisco SD-WAN vManage Software SQL Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN vManage", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.3", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-89", }, ], }, ], }, references: { reference_data: [ { name: "20200715 Cisco SD-WAN vManage Software SQL Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O", }, ], }, source: { advisory: "cisco-sa-sivm-M8wugR9O", defect: [ [ "CSCvt66733", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3378", datePublished: "2020-07-16T17:21:46.587933Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:53:12.461Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1509
Vulnerability from cvelistv5
Published
2021-05-06 12:41
Modified
2024-11-08 23:19
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vEdge router |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.686Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1509", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:17:52.723369Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:19:20.241Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN vEdge router", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-05-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-06T12:41:58", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], source: { advisory: "cisco-sa-sdwan-buffover-MWGucjtO", defect: [ [ "CSCvt11545", "CSCvu28407", "CSCvu28442", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-05-05T16:00:00", ID: "CVE-2021-1509", STATE: "PUBLIC", TITLE: "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN vEdge router", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.5", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], }, source: { advisory: "cisco-sa-sdwan-buffover-MWGucjtO", defect: [ [ "CSCvt11545", "CSCvu28407", "CSCvu28442", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1509", datePublished: "2021-05-06T12:41:58.360018Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:19:20.241Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1546
Vulnerability from cvelistv5
Published
2021-09-23 02:30
Modified
2024-11-07 21:52
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.658Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210922 Cisco SD-WAN Software Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1546", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T21:40:31.262640Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T21:52:24.763Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-09-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-209", description: "CWE-209", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-23T02:30:18", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210922 Cisco SD-WAN Software Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX", }, ], source: { advisory: "cisco-sa-sd-wan-Fhqh8pKX", defect: [ [ "CSCvx79335", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Software Information Disclosure Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-09-22T16:00:00", ID: "CVE-2021-1546", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Software Information Disclosure Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.5", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-209", }, ], }, ], }, references: { reference_data: [ { name: "20210922 Cisco SD-WAN Software Information Disclosure Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX", }, ], }, source: { advisory: "cisco-sa-sd-wan-Fhqh8pKX", defect: [ [ "CSCvx79335", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1546", datePublished: "2021-09-23T02:30:18.696150Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-07T21:52:24.763Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3265
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:33
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200318 Cisco SD-WAN Solution Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3265", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:49.102891Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:33:35.542Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-03-18T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-19T15:35:17", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200318 Cisco SD-WAN Solution Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9", }, ], source: { advisory: "cisco-sa-sdwpresc-ySJGvE9", defect: [ [ "CSCvs50619", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-03-18T16:00:00-0700", ID: "CVE-2020-3265", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.0", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20200318 Cisco SD-WAN Solution Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9", }, ], }, source: { advisory: "cisco-sa-sdwpresc-ySJGvE9", defect: [ [ "CSCvs50619", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3265", datePublished: "2020-03-19T15:35:17.637643Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:33:35.542Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3180
Vulnerability from cvelistv5
Published
2020-07-16 17:20
Modified
2024-11-15 16:56
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vManage |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.870Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200715 Cisco SD-WAN Solution Software Static Credentials Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3180", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:24.662312Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:56:01.023Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN vManage", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-07-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-16T17:20:38", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200715 Cisco SD-WAN Solution Software Static Credentials Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj", }, ], source: { advisory: "cisco-sa-sdscred-HfWWfqBj", defect: [ [ "CSCvi59720", "CSCvi85074", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution Software Static Credentials Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-07-15T16:00:00", ID: "CVE-2020-3180", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Software Static Credentials Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN vManage", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.4", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "20200715 Cisco SD-WAN Solution Software Static Credentials Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj", }, ], }, source: { advisory: "cisco-sa-sdscred-HfWWfqBj", defect: [ [ "CSCvi59720", "CSCvi85074", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3180", datePublished: "2020-07-16T17:20:38.219927Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:56:01.023Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-16012
Vulnerability from cvelistv5
Published
2020-03-19 15:35
Modified
2024-11-15 17:33
Severity ?
EPSS score ?
Summary
A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco vManage Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:03:32.798Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200318 Cisco SD-WAN Solution vManage SQL Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-16012", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:29:04.089098Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:33:02.770Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco vManage Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-03-18T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-19T15:35:27", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200318 Cisco SD-WAN Solution vManage SQL Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject", }, ], source: { advisory: "cisco-sa-20200318-vmanage-cypher-inject", defect: [ [ "CSCvr42496", "CSCvs49675", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution vManage SQL Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-03-18T16:00:00-0700", ID: "CVE-2019-16012", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution vManage SQL Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco vManage Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.4", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200318 Cisco SD-WAN Solution vManage SQL Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject", }, ], }, source: { advisory: "cisco-sa-20200318-vmanage-cypher-inject", defect: [ [ "CSCvr42496", "CSCvs49675", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-16012", datePublished: "2020-03-19T15:35:27.699415Z", dateReserved: "2019-09-06T00:00:00", dateUpdated: "2024-11-15T17:33:02.770Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1650
Vulnerability from cvelistv5
Published
2019-01-24 15:00
Modified
2024-11-20 17:28
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106716 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:20:28.362Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "106716", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106716", }, { name: "20190123 Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1650", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:56:03.197418Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:28:27.959Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-01-25T10:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "106716", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106716", }, { name: "20190123 Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write", }, ], source: { advisory: "cisco-sa-20190123-sdwan-file-write", defect: [ [ "CSCvi69862", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-01-23T16:00:00-0800", ID: "CVE-2019-1650", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "106716", refsource: "BID", url: "http://www.securityfocus.com/bid/106716", }, { name: "20190123 Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write", }, ], }, source: { advisory: "cisco-sa-20190123-sdwan-file-write", defect: [ [ "CSCvi69862", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1650", datePublished: "2019-01-24T15:00:00Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:28:27.959Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1510
Vulnerability from cvelistv5
Published
2021-05-06 12:42
Modified
2024-11-08 23:19
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN vEdge router |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.717Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1510", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:17:50.293104Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:19:11.003Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN vEdge router", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-05-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-06T12:42:02", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], source: { advisory: "cisco-sa-sdwan-buffover-MWGucjtO", defect: [ [ "CSCvt11545", "CSCvu28407", "CSCvu28442", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-05-05T16:00:00", ID: "CVE-2021-1510", STATE: "PUBLIC", TITLE: "Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN vEdge router", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.5", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20210505 Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], }, source: { advisory: "cisco-sa-sdwan-buffover-MWGucjtO", defect: [ [ "CSCvt11545", "CSCvu28407", "CSCvu28442", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1510", datePublished: "2021-05-06T12:42:02.917449Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:19:11.003Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3351
Vulnerability from cvelistv5
Published
2020-07-16 17:21
Modified
2024-11-15 16:54
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.155Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200715 Cisco SD-WAN Solution Software Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3351", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:21:03.583855Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:54:26.941Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-07-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-16T17:21:19", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200715 Cisco SD-WAN Solution Software Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB", }, ], source: { advisory: "cisco-sa-sdw-dos-KWOdyHnB", defect: [ [ "CSCvj14805", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Solution Software Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-07-15T16:00:00", ID: "CVE-2020-3351", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Solution Software Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "20200715 Cisco SD-WAN Solution Software Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB", }, ], }, source: { advisory: "cisco-sa-sdw-dos-KWOdyHnB", defect: [ [ "CSCvj14805", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3351", datePublished: "2020-07-16T17:21:19.642695Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:54:26.941Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1528
Vulnerability from cvelistv5
Published
2021-06-04 16:45
Modified
2024-11-07 22:09
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco SD-WAN Solution |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:17.699Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210602 Cisco SD-WAN Software Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1528", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T21:43:49.366641Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T22:09:53.223Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco SD-WAN Solution", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-06-02T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-250", description: "CWE-250", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-04T16:45:40", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210602 Cisco SD-WAN Software Privilege Escalation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF", }, ], source: { advisory: "cisco-sa-sd-wan-fuErCWwF", defect: [ [ "CSCvx49259", ], ], discovery: "INTERNAL", }, title: "Cisco SD-WAN Software Privilege Escalation Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-06-02T16:00:00", ID: "CVE-2021-1528", STATE: "PUBLIC", TITLE: "Cisco SD-WAN Software Privilege Escalation Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco SD-WAN Solution", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-250", }, ], }, ], }, references: { reference_data: [ { name: "20210602 Cisco SD-WAN Software Privilege Escalation Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF", }, ], }, source: { advisory: "cisco-sa-sd-wan-fuErCWwF", defect: [ [ "CSCvx49259", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1528", datePublished: "2021-06-04T16:45:40.937983Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-07T22:09:53.223Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B89D5AE2-3ED3-4C57-AF93-E9750D38F029", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "FDE3B3E4-CE46-454C-B7A1-2A42657C7035", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "834192CC-585D-445E-B2AD-D73E9CDF3FED", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "9D905B3F-094C-472C-AAAD-A4129282E942", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12136AD8-9113-46B9-B6A9-0C330ABB05B9", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "772B02D0-4C02-4C27-AAA4-AF0BAF00A047", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "829BA8C4-8E99-4338-817B-9F9FF37105BE", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "EF7DE9EC-0075-4655-A888-A4ED3DB002A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "200199EC-2819-4DE0-828C-0F56790CA1B4", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "9E03BDAC-9DF0-444D-B5C8-483892B31982", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E479E1A4-0F80-4FDC-8F9F-9E23A885179A", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "584863D2-B181-4CDF-8266-EEBA56A5AA85", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "BADF97B2-33D0-4A28-BDFC-CBD3A235EF5F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4288CD57-CDEE-4B03-8163-7CDDE7767914", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C0D971-E2C4-4048-A08F-0A5D437866F8", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "1E998DFA-CE7F-4954-AB06-CBB15317C6A7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12136AD8-9113-46B9-B6A9-0C330ABB05B9", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "772B02D0-4C02-4C27-AAA4-AF0BAF00A047", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "C0D58D17-951F-446E-8004-A489E3A9725E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", matchCriteriaId: "94999112-9EAA-4707-B002-F867D7628C49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, { lang: "es", value: "Múltiples vulnerabilidades en Cisco SD-WAN vEdge Software, podrían permitir a un atacante ejecutar código arbitrario como usuario root o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso", }, ], id: "CVE-2021-1510", lastModified: "2024-11-21T05:44:30.783", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-06T13:15:10.753", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-24 15:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/106723 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106723 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | sd-wan | * | |
| cisco | vbond_orchestrator | - | |
| cisco | vmanage_network_management | - | |
| cisco | vsmart_controller | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8569BEE0-3BDA-4349-9FAC-6ACE0A4E3C28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93A1525E-AB99-4217-8C31-1F040710B155", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50272035-AE86-4BD5-88FA-929157267BC8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE381F7-295F-4F05-84B0-3F07E099AD59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "698D777B-1AB1-4A54-98EC-8948BF287DA9", versionEndExcluding: "18.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "BA648664-0734-4D02-8944-CA4DF4D756D6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vmanage_network_management:-:*:*:*:*:*:*:*", matchCriteriaId: "DDF9528B-1D1E-4CF2-ABA8-D01CC6F4A8BD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16884C-A2EE-4867-8806-6418E000078C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by sending crafted commands to the CLI of an affected device. A successful exploit could allow the attacker to establish an interactive session with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de línea de comandos (CLI) local de la solución Cisco SD-WAN podría permitir a un atacante local autenticado escalar privilegios y modificar los archivos de configuración de dispositivo. La vulnerabilidad existe porque las entradas del usuario no se sanean de manera correcta para determinados comandos en la CLI. Un atacante podría explotar esta vulnerabilidad enviando comandos manipulados a la CLI de un dispositivo afectado. Un exploit con éxito podría permitir que el atacante establezca una sesión interactiva con privilegios escalados. Posteriormente, el atacante podría utilizar dichos privilegios elevados para comprometer el dispositivo u obtener datos de configuración adicionales.", }, ], id: "CVE-2019-1646", lastModified: "2024-11-21T04:37:00.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-24T15:29:00.643", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106723", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106723", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "294BFF76-0352-4778-B6DA-3F8D5C69B5EE", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3366F4EC-9DCD-44F8-8430-1B3BA7A9B95F", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C2D155FE-14C5-4658-A5D4-974DCE7FED4F", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BE2C4782-DD4D-4113-A367-13DA609AD5F4", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "DBCB1ED4-B8F6-454A-A50E-1E6C5799A38B", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "52660B0F-9951-4720-9243-C04D19E1C900", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "43CB0C13-B19C-4716-9079-E3187C6A8F60", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "5CBDDA10-0C6A-4AE2-A79D-6ACE91BCE422", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "3079495E-BB87-48EF-92F2-5C0DFBBDFB2D", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "CA56832C-0BA7-49F8-B03D-F7A8DDBA2D76", versionEndExcluding: "18.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9F385B4-A7C9-4964-9A2F-9B246C2A4219", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "35D792D2-7C42-4E49-A024-7D8F10A5CD03", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89290824-9E80-4DA6-B943-500A9DC80EF4", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57361E3C-D8AD-4971-8015-96B8910B847D", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6B61FD2-6C23-4A1A-AED4-CAD54D0715C4", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "FF370668-127C-409B-83FE-293B830D4FB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E03063D-9DB6-4D3A-8FFF-C530635371CC", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "43E988F6-8D4D-4E75-9C43-31E92AA3F85A", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C67D65F-5DBD-4DCE-84CF-F1F2FBA4A250", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B89D5AE2-3ED3-4C57-AF93-E9750D38F029", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BBF226AE-FF8F-4203-8DAC-438E82AEC85A", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1AD6B70F-1356-4AB4-A8DB-6BB3BAD854A6", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "669F7796-2CBF-42BF-91C4-F861DF09D4B7", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "834192CC-585D-445E-B2AD-D73E9CDF3FED", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A5A7F2E-0B61-4C4C-AE1F-BAFB735DA905", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1158B505-4DAC-42BB-A9E5-533BCA7545F4", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "427DC9A5-3374-440C-A797-DC7BBCCCB13D", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12136AD8-9113-46B9-B6A9-0C330ABB05B9", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E77822B-DEF3-44C3-9AFE-A406ECD26EE5", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A4C603C-9858-4048-AA20-7C7F7BB84DBD", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A51AE026-39C0-400B-8E78-21ACBF6D560F", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "829BA8C4-8E99-4338-817B-9F9FF37105BE", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "646D2962-5FB3-45E1-B743-CFDF6219742B", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B55B533F-0942-4848-A823-8D17BD9C70AC", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04BBF912-56A4-4B0D-AEDE-3B4A66E46DC6", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "200199EC-2819-4DE0-828C-0F56790CA1B4", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66F09F72-2D64-4952-8ED1-5B1D8817B065", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28170198-23CE-48F9-8502-3C0F51EDCB33", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48758B17-6BB7-45BB-AB83-36AF55238250", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E479E1A4-0F80-4FDC-8F9F-9E23A885179A", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "584863D2-B181-4CDF-8266-EEBA56A5AA85", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5488D32F-808B-4327-8C57-13F270C02C1B", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B559B94-0730-4F3D-90AB-E71D2E684C19", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2090A040-270A-4BD1-8430-603C709F64E8", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4288CD57-CDEE-4B03-8163-7CDDE7767914", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C0D971-E2C4-4048-A08F-0A5D437866F8", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F1B097C-09B1-4DC6-B0F9-92E01C415DF3", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2FA95C6C-72C5-4DDF-B036-5AB2900C9C71", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C8123987-EAD3-47D2-AD9F-167A1D52AEF7", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25953689-6E4F-477A-A251-54C1D8ED8880", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3414238A-002E-48F7-82DE-FE4122B1A10A", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge-100b:-:*:*:*:*:*:*:*", matchCriteriaId: "07E7851F-3E72-4677-B907-CF777EBED2FF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83F5CAE4-CB80-441B-928D-86C13570AA1B", versionEndExcluding: "18.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC788143-279B-4325-988A-5FBAA4B438CC", versionEndExcluding: "20.1.1", versionStartIncluding: "20.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2FBE16B1-8E2A-4DF8-B362-86874FAC1F0C", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", matchCriteriaId: "94999112-9EAA-4707-B002-F867D7628C49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco SD-WAN Software, podría permitir a un atacante local autenticado inyectar comandos arbitrarios para que sean ejecutados con privilegios de administrador en el Sistema Operativo subyacente. Esta vulnerabilidad es debido a una comprobación insuficiente de la entrada en determinados comandos de la CLI. Un atacante podría explotar esta vulnerabilidad si se autentica en el dispositivo y envía una entrada diseñada a la CLI. El atacante debe estar autenticado como un usuario poco privilegiado para ejecutar los comandos afectados. Una explotación con éxito podría permitir al atacante ejecutar comandos con privilegios de administrador", }, ], id: "CVE-2021-1514", lastModified: "2024-11-21T05:44:31.353", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 2.5, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-06T13:15:10.887", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 04:29
Severity ?
Summary
A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD64DC2A-34EF-4DBC-A08B-39671B279310", versionEndExcluding: "19.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.", }, { lang: "es", value: "Una vulnerabilidad en la Interfaz de Usuario web del software Cisco SD-WAN Solution vManage, podría permitir a un atacante remoto autenticado conducir ataques de inyección SQL en un sistema afectado. La vulnerabilidad se presenta porque la Interfaz de Usuario web comprueba inapropiadamente los valores de SQL. Un atacante podría explotar esta vulnerabilidad al autenticarse en la aplicación y al enviar consultas SQL maliciosas hacia un sistema afectado. Una explotación con éxito podría permitir al atacante modificar valores o devolver valores desde la base de datos subyacente, así como desde el sistema operativo.", }, ], id: "CVE-2019-16012", lastModified: "2024-11-21T04:29:55.720", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 8.5, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 9.2, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-19T16:15:14.627", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFBD73B-485E-4E85-9BD2-458BF0118A77", versionEndExcluding: "18.4.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29124AAF-CC72-4B12-B1DE-92B10477805D", versionEndExcluding: "19.2.3", versionStartIncluding: "19.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en web para Cisco SD-WAN vManage Software podría permitir a un atacante remoto autenticado afectar la integridad de un sistema afectado mediante una ejecución de consultas SQL arbitrarias. La vulnerabilidad es debido a una comprobación insuficiente de las entradas suministradas por el usuario. Un atacante podría explotar esta vulnerabilidad mediante el envío de entradas diseñadas que incluyen declaraciones SQL hacia un sistema afectado. Una explotación con éxito podría permitir al atacante modificar entradas en algunas tablas de la base de datos, afectando la integridad de los datos", }, ], id: "CVE-2020-3378", lastModified: "2024-11-21T05:30:54.797", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-16T18:15:18.597", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sivm-M8wugR9O", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3FB1FC04-6D73-42F5-9809-EF03C1394F75", versionEndExcluding: "19.2.3", versionStartIncluding: "19.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3366F4EC-9DCD-44F8-8430-1B3BA7A9B95F", versionEndExcluding: "20.3.1", versionStartIncluding: "20.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C2D155FE-14C5-4658-A5D4-974DCE7FED4F", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BE2C4782-DD4D-4113-A367-13DA609AD5F4", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "37F7EB56-340D-46CE-BA4C-34FAE6843830", versionEndExcluding: "18.4.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "9E4006C4-164F-44EA-84BD-C0BBA5EBD59F", versionEndExcluding: "20.1.2", versionStartIncluding: "20.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "300CB6ED-1ECC-4007-A522-06C07B83ED55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "FF370668-127C-409B-83FE-293B830D4FB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86317BCD-C9A3-41A3-9BEB-EDAD5428B0DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "97D2D470-F97D-4B59-ACBA-866049389EF1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2036EAF7-2541-4C35-B1C4-9E0957272FAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1693BEA9-3FCA-4B96-8CB2-E43BA56A9CCA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "90003391-8A4D-4A7E-8D1B-AC1700D4CEDC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5725A7-6EA8-405E-B1AF-7C787DD6728B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "050982D6-BB38-44D0-B67E-73DE9E7567AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge-100b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "61DE4E07-253D-44FD-93A4-3750603B44AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge-100b:-:*:*:*:*:*:*:*", matchCriteriaId: "07E7851F-3E72-4677-B907-CF777EBED2FF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32A4CEAC-97A4-4A0A-BEF1-B015FBE4E6FF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", matchCriteriaId: "94999112-9EAA-4707-B002-F867D7628C49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco SD-WAN Software, podría permitir a un atacante local autenticado sobrescribir archivos arbitrarios en el sistema de archivos subyacente de un sistema afectado. Esta vulnerabilidad es debido a una comprobación insuficiente de los parámetros de la entrada proporcionados por el usuario de un comando CLI específico. Un atacante podría explotar esta vulnerabilidadal al emitir ese comando con parámetros específicos. Una explotación con éxito podría permitir al atacante sobrescribir el contenido de cualquier archivo arbitrario que resida en el sistema de archivos del host subyacente", }, ], id: "CVE-2021-1512", lastModified: "2024-11-21T05:44:31.073", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-06T13:15:10.817", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-552", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD64DC2A-34EF-4DBC-A08B-39671B279310", versionEndExcluding: "19.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del software Cisco SD-WAN Solution, podría permitir a un atacante local autenticado inyectar comandos arbitrarios que son ejecutados con privilegios root. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad al autenticarse en el dispositivo y enviar datos diseñados hacia la utilidad de CLI. El atacante debe estar autenticado para acceder a la utilidad de CLI. Una explotación con éxito podría permitir al atacante ejecutar comandos con privilegios root.", }, ], id: "CVE-2020-3266", lastModified: "2024-11-21T05:30:41.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-19T16:15:15.690", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 05:44
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3A19C57E-75A5-47AA-94B7-A7ADC2CD7091", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D860DAF6-2876-4F54-ACBF-B217E709BD7F", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "9F397362-BB17-4F5E-AFA3-B604A96C7BAE", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "15F9C222-75A1-44F8-A726-46CA77430D2F", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "F05A7552-5CFC-47EE-BA6B-98D423761369", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "DC5C7C68-74C1-4D7F-848B-16C8566C0F42", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D99340DC-B83C-4F81-969F-C0A6E7CC4A54", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "918ACCD9-0F3F-4EF3-8C0A-AE30F69BC8E9", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A923BEA-61C4-4A2E-A7DD-BB389FF661CB", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "FF370668-127C-409B-83FE-293B830D4FB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F7887226-3051-4914-8B0E-5DF4296AB68E", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "210F5970-F029-4E1F-97E4-0813F78CA88C", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99B58689-4FDF-4811-B1EE-584F777B696D", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F443A171-E27A-4173-BB09-77E0A1587CE6", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "047C57D1-C8B3-46F2-8B02-8467AF57D71A", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2FF65836-25C3-46C7-8989-9ABF3069D13F", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61682805-F527-473D-970A-B68053889AC8", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1ECE5A2-ED32-4453-A0FC-78A3D0D4F554", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3A99ECD-E6FE-4BF8-BE6D-22005B5E387A", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E00BBD5-A34A-47EF-9BCA-7100D2282A72", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F42BACEF-31BE-4FEF-8BD3-8EC2D5A59194", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00A3ECC6-E30A-4611-9872-8C6133F4A0C6", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "449AC46F-BE53-4706-A448-83A848492637", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42659BBF-8707-4DAC-8A5D-0E9DC10DD68F", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9899709-00DD-4934-9A54-3FDB171C2E74", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A27667C1-0EF2-419D-A216-83FBC3F5A61E", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6954D048-EE8D-4923-9F10-18FD941AF72A", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95ED1F5D-5573-4886-A875-10DD93AE495B", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB95804D-0357-4F33-ABB2-AB04C34D3095", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DAE58206-30C8-4734-B5BB-1FD631351F49", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BCB1732D-73DA-4125-A2FE-A79435B550AC", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "56637DFC-FD0A-4714-9988-2DE80B3FB7BE", versionEndExcluding: "20.4.2", versionStartIncluding: "18.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00C2DEED-5833-4E13-BBB3-5E5FE837979D", versionEndExcluding: "20.5.2", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BF84BFB-E819-4C59-B16D-B00508218CE3", versionEndExcluding: "20.6.1", versionStartIncluding: "20.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", matchCriteriaId: "94999112-9EAA-4707-B002-F867D7628C49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco SD-WAN Software podría permitir a un atacante local autenticado acceder a información confidencial. Esta vulnerabilidad es debido a protecciones inapropiadas en el acceso a archivos mediante la CLI. Un atacante podría explotar esta vulnerabilidad al ejecutar un comando de la CLI que tenga como objetivo un archivo arbitrario en el sistema local. Una explotación con éxito podría permitir al atacante devolver porciones de un archivo arbitrario, posiblemente resultando en una divulgación de información confidencial", }, ], id: "CVE-2021-1546", lastModified: "2024-11-21T05:44:35.523", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-23T03:15:11.183", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-Fhqh8pKX", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-209", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-209", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B89D5AE2-3ED3-4C57-AF93-E9750D38F029", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "FDE3B3E4-CE46-454C-B7A1-2A42657C7035", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "834192CC-585D-445E-B2AD-D73E9CDF3FED", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "9D905B3F-094C-472C-AAAD-A4129282E942", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12136AD8-9113-46B9-B6A9-0C330ABB05B9", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "772B02D0-4C02-4C27-AAA4-AF0BAF00A047", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "829BA8C4-8E99-4338-817B-9F9FF37105BE", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "EF7DE9EC-0075-4655-A888-A4ED3DB002A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "200199EC-2819-4DE0-828C-0F56790CA1B4", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "9E03BDAC-9DF0-444D-B5C8-483892B31982", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E479E1A4-0F80-4FDC-8F9F-9E23A885179A", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "584863D2-B181-4CDF-8266-EEBA56A5AA85", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "BADF97B2-33D0-4A28-BDFC-CBD3A235EF5F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4288CD57-CDEE-4B03-8163-7CDDE7767914", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C0D971-E2C4-4048-A08F-0A5D437866F8", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "1E998DFA-CE7F-4954-AB06-CBB15317C6A7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12136AD8-9113-46B9-B6A9-0C330ABB05B9", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "772B02D0-4C02-4C27-AAA4-AF0BAF00A047", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "C0D58D17-951F-446E-8004-A489E3A9725E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", matchCriteriaId: "94999112-9EAA-4707-B002-F867D7628C49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, { lang: "es", value: "Múltiples vulnerabilidades en Cisco SD-WAN vEdge Software, podrían permitir a un atacante ejecutar código arbitrario como usuario root o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso", }, ], id: "CVE-2021-1509", lastModified: "2024-11-21T05:44:30.627", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 8.5, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-06T13:15:10.723", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:38
Severity ?
Summary
A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/105295 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105295 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | vbond_orchestrator | - | |
| cisco | vedge_cloud_router_platform | - | |
| cisco | vmanage_network_management_system | - | |
| cisco | vsmart_controller | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9DA7EC35-E407-451C-A74C-7E56D802B868", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA91A271-08ED-40C9-885B-D2F67BBF2B7E", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "35386A93-1EBF-4347-B916-E915D574AF15", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC8AC6B8-A07F-4E52-B2D0-F5EC3061060B", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "BA648664-0734-4D02-8944-CA4DF4D756D6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vedge_cloud_router_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "E8872C5F-974E-4678-80FA-7C3FEC6B533B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*", matchCriteriaId: "2D9794CD-0EE1-4203-A232-9365D4AEE837", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16884C-A2EE-4867-8806-6418E000078C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de línea de comandos (CLI) en Cisco SD-WAN Solution podría permitir que un atacante local autenticado inyecte comandos arbitrarios que se ejecutan con privilegios root. Esta vulnerabilidad se debe a una validación de entradas insuficiente. Un atacante podría explotar esta vulnerabilidad autenticándose en el dispositivo y enviando una entrada manipulada a la utilidad CLI. El atacante debe estar autenticado para acceder a la utilidad CLI. Su explotación con éxito podría permitir que el atacante ejecute comandos con privilegios root.", }, ], id: "CVE-2018-0433", lastModified: "2024-11-21T03:38:13.203", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-05T14:29:01.607", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105295", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105295", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-04 17:15
Modified
2024-11-21 05:44
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0ABABC6A-BE28-4107-A00F-E6D8841168F5", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BE2C4782-DD4D-4113-A367-13DA609AD5F4", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "C8099190-F1EC-4AFC-9607-5F13E09B7C26", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "3079495E-BB87-48EF-92F2-5C0DFBBDFB2D", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:vsmart_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "A234D95C-0AC1-4183-8457-550932E10B7E", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "9E3634B4-6146-4DF5-B242-6606F6CCBA00", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E75BF8E-8BA5-4A53-9CE9-F10CC245FFC3", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B89D5AE2-3ED3-4C57-AF93-E9750D38F029", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6916F5F8-4E5B-4878-9C08-430F30EB61FD", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "834192CC-585D-445E-B2AD-D73E9CDF3FED", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D0C212A-DDCE-4D44-8D2A-8A7DEC4C30E2", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7B4CFA5-743E-4A04-9FED-CB9A5F587192", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DA09C6C5-B770-4C42-8DE0-4482D7FC5512", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E609583F-9F2E-435A-88A3-77950F3825BD", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "584863D2-B181-4CDF-8266-EEBA56A5AA85", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39F5B972-D194-4333-BEF6-129BEBB61E9E", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C0D971-E2C4-4048-A08F-0A5D437866F8", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D0C212A-DDCE-4D44-8D2A-8A7DEC4C30E2", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8696F30-DB2C-46D8-99BF-68A3D3AC0988", versionEndExcluding: "20.4.2", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", matchCriteriaId: "94999112-9EAA-4707-B002-F867D7628C49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del Software Cisco SD-WAN, podría permitir a un atacante local autenticado alcanzar privilegios elevados en un sistema afectado. Esta vulnerabilidad se presenta porque el software afectado no restringe apropiadamente el acceso a los procesos con privilegios. Un atacante podría explotar esta vulnerabilidad al invocar un proceso privilegiado en el sistema afectado. Una explotación con éxito podría permitir al atacante llevar a cabo acciones con los privilegios del usuario root", }, ], id: "CVE-2021-1528", lastModified: "2024-11-21T05:44:33.277", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-04T17:15:09.020", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-250", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFBD73B-485E-4E85-9BD2-458BF0118A77", versionEndExcluding: "18.4.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "668E1C16-F991-4BB9-AF14-35625368AE8D", versionEndExcluding: "19.2.2", versionStartIncluding: "19.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*", matchCriteriaId: "3414A3DC-8CF2-41B5-BD73-127712934DE8", vulnerable: false, }, { criteria: "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*", matchCriteriaId: "2D9794CD-0EE1-4203-A232-9365D4AEE837", vulnerable: false, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16884C-A2EE-4867-8806-6418E000078C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.", }, { lang: "es", value: "Una vulnerabilidad en el software Cisco SD-WAN Solution, podría permitir a un atacante local autenticado elevar los privilegios a root sobre el sistema operativo subyacente. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición diseñada hacia un sistema afectado. Una explotación con éxito podría permitir al atacante alcanzar privilegios de nivel root.", }, ], id: "CVE-2020-3265", lastModified: "2024-11-21T05:30:41.343", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-19T16:15:15.613", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0D4C4CE-E286-45C7-AFA7-B876D15C6FCD", versionEndExcluding: "19.2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D243D326-0D82-4B1E-A306-B8FDBA940F63", versionEndExcluding: "20.1.12", versionStartIncluding: "20.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to the affected web-based management interface. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and could result in a DoS condition.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en web de Cisco SD-WAN vManage Software podría permitir a un atacante remoto autenticado consumir memoria excesiva del sistema y causar una condición de denegación de servicio (DoS) sobre un sistema afectado. La vulnerabilidad es debido a una gestión de memoria ineficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de una gran cantidad de peticiones HTTP diseñadas a la interfaz de administración basada en web afectada. Una explotación con éxito podría permitir a un atacante agotar la memoria del sistema, lo que podría causar que el sistema deje de procesar nuevas conexiones y podría resultar en una condición DoS", }, ], id: "CVE-2020-3372", lastModified: "2024-11-21T05:30:54.057", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-16T18:15:18.487", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-emvman-3y6LuTcZ", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_sd-wan_manager | 20.8 | |
| cisco | catalyst_sd-wan_manager | 20.9 | |
| cisco | sd-wan_vbond_orchestrator | * | |
| cisco | sd-wan_vbond_orchestrator | 20.8 | |
| cisco | sd-wan_vbond_orchestrator | 20.9 | |
| cisco | sd-wan_vmanage | * | |
| cisco | sd-wan_vsmart_controller | * | |
| cisco | sd-wan_vsmart_controller | 20.8 | |
| cisco | sd-wan_vsmart_controller | 20.9 | |
| cisco | sd-wan | * | |
| cisco | sd-wan | 20.8 | |
| cisco | sd-wan | 20.9 | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_100wm | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.8:*:*:*:*:*:*:*", matchCriteriaId: "0493FE21-BB5A-41D3-9EBD-2C2BD165D5CF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9:*:*:*:*:*:*:*", matchCriteriaId: "14E0AF41-0322-4F59-A2E2-DF709FC365E2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "D46A4FAD-C08D-434F-8F34-7256196AC215", versionEndExcluding: "20.6.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:20.8:*:*:*:*:*:*:*", matchCriteriaId: "B62FF06E-8A11-41B5-B67C-9C008B5832F6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:20.9:*:*:*:*:*:*:*", matchCriteriaId: "0FB7C1FF-B18D-47CA-BC1A-34C0029DC2AE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "1885D68A-547F-4C24-AE92-9F0D620E2018", versionEndExcluding: "20.6.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "1032BCB0-0343-46C3-A094-A484551D6DD5", versionEndExcluding: "20.6.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.8:*:*:*:*:*:*:*", matchCriteriaId: "D65F88EF-F2A8-4798-A88B-5B0584760E7A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.9:*:*:*:*:*:*:*", matchCriteriaId: "E74B8658-FF4B-4DBA-AADA-73655B76339A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "D7E43D23-7294-4CCC-8B7C-D9231115CA61", versionEndExcluding: "20.6.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan:20.8:*:*:*:*:*:*:*", matchCriteriaId: "8CEAD0DC-6407-4D23-A73D-0089C31CEB39", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan:20.9:*:*:*:*:*:*:*", matchCriteriaId: "25734138-B0A8-41C1-B7C4-6D1B011C4FBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del software Cisco SD-WAN podría permitir a un atacante local autenticado sobrescribir y posiblemente corromper archivos en un sistema afectado. Esta vulnerabilidad es debido a que la comprobación de entradas es insuficiente. Un atacante podría explotar esta vulnerabilidad al inyectar comandos arbitrarios que son ejecutados como la cuenta de usuario root. Una explotación con éxito podría permitir al atacante sobrescribir archivos arbitrarios del sistema, lo que podría resultar en una condición de denegación de servicio (DoS)", }, ], id: "CVE-2022-20930", lastModified: "2024-11-21T06:43:50.820", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-30T19:15:13.557", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-88", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-24 15:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/106719 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106719 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | sd-wan | * | |
| cisco | vbond_orchestrator | - | |
| cisco | vmanage_network_management | - | |
| cisco | vsmart_controller | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8569BEE0-3BDA-4349-9FAC-6ACE0A4E3C28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93A1525E-AB99-4217-8C31-1F040710B155", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50272035-AE86-4BD5-88FA-929157267BC8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE381F7-295F-4F05-84B0-3F07E099AD59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "698D777B-1AB1-4A54-98EC-8948BF287DA9", versionEndExcluding: "18.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "BA648664-0734-4D02-8944-CA4DF4D756D6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vmanage_network_management:-:*:*:*:*:*:*:*", matchCriteriaId: "DDF9528B-1D1E-4CF2-ABA8-D01CC6F4A8BD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16884C-A2EE-4867-8806-6418E000078C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.", }, { lang: "es", value: "Una vulnerabilidad en la configuración del grupo de usuarios de la solución Cisco SD-WAN podría permitir a un atacante local autenticado obtener privilegios elevados en un dispositivo afectado. La vulnerabilidad se debe a un error a la hora de validar correctamente ciertos parámetros incluidos en la configuración \"group\". Un atacante podría explotar esta vulnerabilidad escribiendo un archivo manipulado en el directorio donde la configuración \"user group\" está ubicada en el sistema operativo subyacente. Un exploit exitoso podría permitir que el atacante obtenga privilegios de nivel root y obtenga el control total del dispositivo.", }, ], id: "CVE-2019-1648", lastModified: "2024-11-21T04:37:00.493", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-24T15:29:00.767", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106719", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "F82F7DA1-8396-4BCF-9FA2-F88B2B6B35CB", versionEndExcluding: "18.3.6", versionStartIncluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "AC62B7F1-C94F-4943-AF83-2DB6D7B1C710", versionEndExcluding: "18.4.5", versionStartIncluding: "18.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "2C11C806-7F69-49D3-A3F5-D6B2AA809D22", versionEndExcluding: "19.2.2", versionStartIncluding: "19.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en Cisco SD-WAN Solution Software podría permitir a un atacante local no autenticado acceder a un dispositivo afectado mediante el uso de una cuenta que tenga una contraseña estática predeterminada. Esta cuenta presenta privilegios root. La vulnerabilidad se presenta porque el software afectado presenta una cuenta de usuario con una contraseña estática predeterminada. Un atacante podría explotar esta vulnerabilidad al conectarse remotamente a un sistema afectado mediante el uso de esta cuenta. Una explotación con éxito podría permitir a un atacante iniciar sesión mediante el uso de esta cuenta con privilegios root", }, ], id: "CVE-2020-3180", lastModified: "2024-11-21T05:30:29.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.5, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-16T18:15:16.940", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A3EF017-77E2-4D00-9209-6FC239FFDEF1", versionEndIncluding: "19.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to the affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en web de Cisco SD-WAN vManage Software podría permitir a un atacante remoto autenticado llevar a cabo ataques de salto de ruta y obtener acceso de lectura a archivos confidenciales sobre un sistema afectado. La vulnerabilidad es debido a una comprobación insuficiente de las peticiones HTTP. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición HTTP diseñada que contenga secuencias de caracteres de salto de directorio hacia el sistema afectado. Una explotación con éxito podría permitir al atacante visualizar archivos arbitrarios en el sistema afectado", }, ], id: "CVE-2020-3401", lastModified: "2024-11-21T05:30:57.523", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-16T18:15:19.300", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmandowndir-CVGvdKM3", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | sd-wan_vbond_orchestrator | * | |
| cisco | sd-wan_vmanage | * | |
| cisco | sd-wan_vsmart_controller | * | |
| cisco | ios_xe_sd-wan | * | |
| cisco | sd-wan | * | |
| cisco | 1100-4g_integrated_services_router | - | |
| cisco | 1100-6g_integrated_services_router | - | |
| cisco | 1100_integrated_services_router | - | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "D3970BA7-2CD6-4DC1-BEBC-03662C88DA94", versionEndExcluding: "18.4.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "9A3197B1-2306-4B0B-96A2-52BB369EE79C", versionEndExcluding: "18.4.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "12016C30-65D9-4508-B138-0F612736CBF2", versionEndExcluding: "18.4.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "052AA171-9B26-4D76-ADA5-1984759AEFB6", versionEndExcluding: "16.10.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "6A94AB84-87A9-47FB-B3CB-55282536B006", versionEndExcluding: "18.4.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del software Cisco IOS XE SD-WAN independiente y del software Cisco SD-WAN podría permitir a un atacante local autenticado eliminar archivos arbitrarios del sistema de archivos de un dispositivo afectado. Esta vulnerabilidad es debido a una insuficiente comprobación de entradas. Un atacante podría explotar esta vulnerabilidad al inyectar información de ruta de archivos arbitraria cuando son usados comandos en la CLI de un dispositivo afectado. Una explotación con éxito podría permitir al atacante eliminar archivos arbitrarios del sistema de archivos del dispositivo afectado", }, ], id: "CVE-2022-20850", lastModified: "2024-11-21T06:43:41.000", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-30T19:15:12.543", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 04:29
Severity ?
Summary
A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD64DC2A-34EF-4DBC-A08B-39671B279310", versionEndExcluding: "19.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.", }, { lang: "es", value: "Una vulnerabilidad en la Interfaz de Usuario web del software Cisco SD-WAN vManage, podría permitir a un atacante remoto autenticado llevar a cabo un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz de administración basada en web del software vManage. La vulnerabilidad es debido a una comprobación de entrada insuficiente suministrada por el usuario por la interfaz de administración basada en web. Un atacante podría explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic sobre un enlace diseñado. Una explotación con éxito podría permitir al atacante ejecutar código script arbitrario en el contexto de la interfaz o acceder a información confidencial basada en navegador.", }, ], id: "CVE-2019-16010", lastModified: "2024-11-21T04:29:55.447", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-19T16:15:14.517", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-xss", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | sd-wan_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_100wm | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - | |
| cisco | vbond_orchestrator | - | |
| cisco | vsmart_controller | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "484C01EF-C2DE-43DB-8C3F-C2C013A182FE", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "BA648664-0734-4D02-8944-CA4DF4D756D6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16884C-A2EE-4867-8806-6418E000078C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges.", }, { lang: "es", value: "Una vulnerabilidad en Cisco SD-WAN Solution Software podría permitir a un atacante local autenticado elevar los privilegios a Administrator en el sistema operativo subyacente. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición diseñada hacia un sistema afectado. Una explotación con éxito podría permitir al atacante conseguir privilegios administrativos", }, ], id: "CVE-2020-3379", lastModified: "2024-11-21T05:30:54.907", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-16T18:15:18.690", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8782BEB0-5880-4DF8-A0E3-A8F45437E121", versionEndExcluding: "20.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C2D155FE-14C5-4658-A5D4-974DCE7FED4F", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BE2C4782-DD4D-4113-A367-13DA609AD5F4", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vsmart_controller_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "300CB6ED-1ECC-4007-A522-06C07B83ED55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "FF370668-127C-409B-83FE-293B830D4FB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86317BCD-C9A3-41A3-9BEB-EDAD5428B0DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "97D2D470-F97D-4B59-ACBA-866049389EF1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2036EAF7-2541-4C35-B1C4-9E0957272FAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1693BEA9-3FCA-4B96-8CB2-E43BA56A9CCA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "90003391-8A4D-4A7E-8D1B-AC1700D4CEDC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5725A7-6EA8-405E-B1AF-7C787DD6728B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "050982D6-BB38-44D0-B67E-73DE9E7567AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge-100b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "61DE4E07-253D-44FD-93A4-3750603B44AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge-100b:-:*:*:*:*:*:*:*", matchCriteriaId: "07E7851F-3E72-4677-B907-CF777EBED2FF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32A4CEAC-97A4-4A0A-BEF1-B015FBE4E6FF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", matchCriteriaId: "94999112-9EAA-4707-B002-F867D7628C49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.", }, { lang: "es", value: "Una vulnerabilidad en el proceso vDaemon de Cisco SD-WAN Software, podría permitir a un atacante remoto no autenticado causar la recarga de un dispositivo, resultando en una condición de denegación de servicio (DoS). Esta vulnerabilidad es debido al manejo insuficiente de paquetes malformados. Un atacante podría explotar esta vulnerabilidad mediante el envío tráfico diseñado hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar que el dispositivo se recargue, resultando en una condición de DoS", }, ], id: "CVE-2021-1513", lastModified: "2024-11-21T05:44:31.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-06T13:15:10.850", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-16 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | sd-wan_firmware | * | |
| cisco | sd-wan_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000 | - | |
| cisco | vedge_100b | - | |
| cisco | vedge_100m | - | |
| cisco | vedge_100wm | - | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000 | - | |
| cisco | vedge_cloud_router | - | |
| cisco | vsmart_controller | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63CA5CB9-FD3B-46F0-AA1E-4F538C043863", versionEndExcluding: "17.2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C47A3040-34A7-4D25-B733-22E90D516D3F", versionEndExcluding: "18.3.0", versionStartIncluding: "17.2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*", matchCriteriaId: "3414A3DC-8CF2-41B5-BD73-127712934DE8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16884C-A2EE-4867-8806-6418E000078C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.", }, { lang: "es", value: "Una vulnerabilidad en Cisco SD-WAN Solution Software podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una comprobación inapropiada de los campos en los mensajes de interconexión SD-WAN de Cisco que están encapsulados en paquetes UDP. Un atacante podría explotar esta vulnerabilidad mediante el envío de mensajes UDP diseñados hacia el sistema objetivo. Una explotación con éxito podría permitir a un atacante causar un fallo en los servicios del dispositivo, resultando en una condición DoS que podría afectar el dispositivo objetivo y otros dispositivos que dependen de él", }, ], id: "CVE-2020-3351", lastModified: "2024-11-21T05:30:51.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-16T18:15:17.907", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:38
Severity ?
Summary
A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/105296 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105296 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | vmanage_network_management_system | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9DA7EC35-E407-451C-A74C-7E56D802B868", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA91A271-08ED-40C9-885B-D2F67BBF2B7E", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "35386A93-1EBF-4347-B916-E915D574AF15", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC8AC6B8-A07F-4E52-B2D0-F5EC3061060B", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*", matchCriteriaId: "2D9794CD-0EE1-4203-A232-9365D4AEE837", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.", }, { lang: "es", value: "Una vulnerabilidad en la característica de manejo de errores de Cisco SD-WAN Solution podría permitir que un atacante remoto autenticado obtenga privilegios elevados en un dispositivo afectado. La vulnerabilidad se debe a un error a la hora de validar correctamente ciertos parámetros incluidos en la configuración de la aplicación de informe de errores. Un atacante podría explotar esta vulnerabilidad mediante el envío de un comando manipulado a la característica de informe de errores. Un exploit exitoso podría permitir que el atacante obtenga privilegios de nivel root y obtenga el control total del dispositivo.", }, ], id: "CVE-2018-0432", lastModified: "2024-11-21T03:38:13.060", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-05T14:29:01.497", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105296", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105296", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:38
Severity ?
Summary
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/105294 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105294 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | vmanage_network_management_system | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9DA7EC35-E407-451C-A74C-7E56D802B868", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA91A271-08ED-40C9-885B-D2F67BBF2B7E", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "35386A93-1EBF-4347-B916-E915D574AF15", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC8AC6B8-A07F-4E52-B2D0-F5EC3061060B", versionEndExcluding: "18.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*", matchCriteriaId: "2D9794CD-0EE1-4203-A232-9365D4AEE837", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.", }, { lang: "es", value: "Una vulnerabilidad en la característica Zero Touch Provisioning de Cisco SD-WAN Solution podría permitir que un atacante remoto no autenticado obtenga acceso no autorizado a datos sensibles utilizando un certificado no válido. Esta vulnerabilidad también se debe a la validación insuficiente de certificados por parte del software afectado. Un atacante podría explotar esta vulnerabilidad enviando un certificado manipulado a un dispositivo afectado. Una explotación exitosa podría permitir a un atacante realizar ataques Man-in-the-Middle (MitM) para descifrar información confidencial en las conexiones del usuario al software afectado.", }, ], id: "CVE-2018-0434", lastModified: "2024-11-21T03:38:13.330", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-05T14:29:01.700", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105294", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105294", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-24 15:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/106716 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106716 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vedge_100_firmware | * | |
| cisco | vedge_100 | - | |
| cisco | vedge_1000_firmware | * | |
| cisco | vedge_1000 | - | |
| cisco | vedge_2000_firmware | * | |
| cisco | vedge_2000 | - | |
| cisco | vedge_5000_firmware | * | |
| cisco | vedge_5000 | - | |
| cisco | sd-wan | * | |
| cisco | vbond_orchestrator | - | |
| cisco | vmanage_network_management | - | |
| cisco | vsmart_controller | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8569BEE0-3BDA-4349-9FAC-6ACE0A4E3C28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93A1525E-AB99-4217-8C31-1F040710B155", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50272035-AE86-4BD5-88FA-929157267BC8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE381F7-295F-4F05-84B0-3F07E099AD59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", matchCriteriaId: "698D777B-1AB1-4A54-98EC-8948BF287DA9", versionEndExcluding: "18.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "BA648664-0734-4D02-8944-CA4DF4D756D6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vmanage_network_management:-:*:*:*:*:*:*:*", matchCriteriaId: "DDF9528B-1D1E-4CF2-ABA8-D01CC6F4A8BD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16884C-A2EE-4867-8806-6418E000078C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the save command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user.", }, { lang: "es", value: "Una vulnerabilidad en la solución Cisco SD-WAN podría permitir a un atacante remoto autenticado sobrescribir archivos arbitrarios en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad se debe a una validación de entrada incorrecta del comando save en la interfaz de línea de comandos (CLI) del software afectado. Un atacante podría explotar esta vulnerabilidad modificando el comando save en la CLI de un dispositivo afectado. Si se explota esta vulnerabilidad con éxito, el atacante podría sobrescribir archivos arbitrarios en el sistema operativo subyacente de un dispositivo afectado y escalar sus privilegios a usuario root.", }, ], id: "CVE-2019-1650", lastModified: "2024-11-21T04:37:00.823", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-24T15:29:00.830", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106716", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106716", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B89D5AE2-3ED3-4C57-AF93-E9750D38F029", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "FDE3B3E4-CE46-454C-B7A1-2A42657C7035", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "834192CC-585D-445E-B2AD-D73E9CDF3FED", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_1000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "9D905B3F-094C-472C-AAAD-A4129282E942", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12136AD8-9113-46B9-B6A9-0C330ABB05B9", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "772B02D0-4C02-4C27-AAA4-AF0BAF00A047", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "829BA8C4-8E99-4338-817B-9F9FF37105BE", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100m_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "EF7DE9EC-0075-4655-A888-A4ED3DB002A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "200199EC-2819-4DE0-828C-0F56790CA1B4", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100wm_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "9E03BDAC-9DF0-444D-B5C8-483892B31982", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E479E1A4-0F80-4FDC-8F9F-9E23A885179A", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "584863D2-B181-4CDF-8266-EEBA56A5AA85", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_2000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "BADF97B2-33D0-4A28-BDFC-CBD3A235EF5F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4288CD57-CDEE-4B03-8163-7CDDE7767914", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50C0D971-E2C4-4048-A08F-0A5D437866F8", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_5000_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "1E998DFA-CE7F-4954-AB06-CBB15317C6A7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12136AD8-9113-46B9-B6A9-0C330ABB05B9", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "772B02D0-4C02-4C27-AAA4-AF0BAF00A047", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A", versionEndExcluding: "20.4.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7", versionEndExcluding: "20.5.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:vedge_cloud_firmware:19.2.99:*:*:*:*:*:*:*", matchCriteriaId: "C0D58D17-951F-446E-8004-A489E3A9725E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", matchCriteriaId: "94999112-9EAA-4707-B002-F867D7628C49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.", }, { lang: "es", value: "Múltiples vulnerabilidades en Cisco SD-WAN vEdge Software, podrían permitir a un atacante ejecutar código arbitrario como usuario root o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso", }, ], id: "CVE-2021-1511", lastModified: "2024-11-21T05:44:30.937", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-06T13:15:10.783", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-19 16:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFBD73B-485E-4E85-9BD2-458BF0118A77", versionEndExcluding: "18.4.5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "668E1C16-F991-4BB9-AF14-35625368AE8D", versionEndExcluding: "19.2.2", versionStartIncluding: "19.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sd-wan_firmware:20.3.0:*:*:*:*:*:*:*", matchCriteriaId: "4397A977-28D9-4191-A87C-E2A328C9B82E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*", matchCriteriaId: "3414A3DC-8CF2-41B5-BD73-127712934DE8", vulnerable: false, }, { criteria: "cpe:2.3:a:cisco:vmanage_network_management_system:-:*:*:*:*:*:*:*", matchCriteriaId: "2D9794CD-0EE1-4203-A232-9365D4AEE837", vulnerable: false, }, { criteria: "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "2F16884C-A2EE-4867-8806-6418E000078C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", matchCriteriaId: "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "F019975D-3A45-4522-9CB9-F4258C371DF6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", matchCriteriaId: "0811E0B5-889E-451E-B754-A8FEE32BDFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", matchCriteriaId: "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", matchCriteriaId: "061A302C-8D35-4E80-93DA-916DA7E90C06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", matchCriteriaId: "140AF13E-4463-478B-AA94-97406A80CB86", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "1356861D-E6CA-4973-9597-629507E8C07E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make.", }, { lang: "es", value: "Una vulnerabilidad en el software Cisco SD-WAN Solution, podría permitir a un atacante local autenticado causar un desbordamiento del búfer sobre un dispositivo afectado. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de tráfico diseñado hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante conseguir acceso a información a la que no está autorizado y acceder a cambios en el sistema que no está autorizado a realizar.", }, ], id: "CVE-2020-3264", lastModified: "2024-11-21T05:30:41.157", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 6.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 9.2, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-19T16:15:15.487", references: [ { source: "psirt@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/orangecertcc/security-research/security/advisories/GHSA-wwq2-pxrj-v62r", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }