PT-2021-13520 · Cisco · Cisco Sd-Wan
Julien Legras
·
Published
2021-06-04
·
Updated
2023-10-16
·
CVE-2021-1528
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Cisco SD-WAN Software (affected versions not specified)
Description:
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This issue exists because the software does not properly restrict access to privileged processes. An attacker could exploit this by invoking a privileged process, potentially allowing them to perform actions with the privileges of the root user.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Sd-Wan