var-202105-0629
Vulnerability from variot
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges. Cisco SD-WAN The software contains a command injection vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Cisco SD-WAN vManage is a software from Cisco that provides software-defined network functions. The software is a form of network virtualization
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0629",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vedge 100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge 100wm",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 5000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "vedge 100m",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge 100m",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge 100m",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 1000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge 100",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "vedge-100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 100",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge 100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge 100wm",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 100wm",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vsmart controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge 100m",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "vedge 100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vsmart controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge 2000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge-100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 1000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge 2000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge 100wm",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "catalyst sd-wan manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge 100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "catalyst sd-wan manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge-100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge 2000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 100wm",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge 100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "catalyst sd-wan manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 2000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vsmart controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge 100wm",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "vedge cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 2000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge 1000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge-100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge 100",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "catalyst sd-wan manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge-100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "sd-wan vmanage",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge 2000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 5000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 1000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge 100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge 100",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 1000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge 100m",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "catalyst sd-wan manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 100",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge 1000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge 5000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 100m",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 100wm",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge 100",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge 2000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vsmart controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge 2000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vsmart controller",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge 1000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 100m",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge 1000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge 100m",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge-100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge-100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge 1000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "vsmart controller",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vedge 100m",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "vedge 100wm",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge 100wm",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "vsmart controller",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "vedge 2000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "vsmart controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge 5000",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "vedge 5000",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge-100b",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vedge cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "catalyst sd-wan manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.1"
},
{
"model": "vedge-100b",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "sd-wan vbond orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1"
},
{
"model": "vedge 100",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3"
},
{
"model": "vedge 100",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1"
},
{
"model": "vedge 100",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.1"
},
{
"model": "catalyst sd-wan manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.1"
},
{
"model": "vsmart controller",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "catalyst sd-wan manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "vedge cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "cisco sd-wan vbond orchestrator",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 1000",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 100m",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 5000",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vsmart controller",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 100b",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 2000",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 100",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "vedge 100wm",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"db": "NVD",
"id": "CVE-2021-1514"
}
]
},
"cve": "CVE-2021-1514",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2021-1514",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-374568",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-1514",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ykramarz@cisco.com",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2021-1514",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-1514",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-1514",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2021-1514",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-1514",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-144",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-374568",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-1514",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374568"
},
{
"db": "VULMON",
"id": "CVE-2021-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-144"
},
{
"db": "NVD",
"id": "CVE-2021-1514"
},
{
"db": "NVD",
"id": "CVE-2021-1514"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges. Cisco SD-WAN The software contains a command injection vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Cisco SD-WAN vManage is a software from Cisco that provides software-defined network functions. The software is a form of network virtualization",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-374568"
},
{
"db": "VULMON",
"id": "CVE-2021-1514"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-1514",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006841",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021050623",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1535",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202105-144",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-374568",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-1514",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374568"
},
{
"db": "VULMON",
"id": "CVE-2021-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-144"
},
{
"db": "NVD",
"id": "CVE-2021-1514"
}
]
},
"id": "VAR-202105-0629",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-374568"
}
],
"trust": 0.87702705
},
"last_update_date": "2024-08-14T13:06:42.042000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sdwan-privesc-QVszVUPy",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy"
},
{
"title": "Cisco\u00a0SD-WAN vManage Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151198"
},
{
"title": "Cisco: Cisco SD-WAN Software Privilege Escalation Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sdwan-privesc-QVszVUPy"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-144"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374568"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"db": "NVD",
"id": "CVE-2021-1514"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sdwan-privesc-qvszvupy"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-1514"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021050623"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1535"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/cisco-sd-wan-vedge-privilege-escalation-via-cli-35265"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374568"
},
{
"db": "VULMON",
"id": "CVE-2021-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-144"
},
{
"db": "NVD",
"id": "CVE-2021-1514"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-374568"
},
{
"db": "VULMON",
"id": "CVE-2021-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-144"
},
{
"db": "NVD",
"id": "CVE-2021-1514"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-374568"
},
{
"date": "2021-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2021-1514"
},
{
"date": "2022-01-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-144"
},
{
"date": "2021-05-06T13:15:10.887000",
"db": "NVD",
"id": "CVE-2021-1514"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-374568"
},
{
"date": "2021-05-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-1514"
},
{
"date": "2022-01-21T08:20:00",
"db": "JVNDB",
"id": "JVNDB-2021-006841"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2022-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-144"
},
{
"date": "2023-10-16T16:35:25.220000",
"db": "NVD",
"id": "CVE-2021-1514"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-144"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco\u00a0SD-WAN\u00a0 Command injection vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006841"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.