PT-2021-5069 · Cisco · Cisco Sd-Wan
Akhil Reddy
+1
·
Published
2021-09-22
·
Updated
2023-10-16
·
CVE-2021-1546
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco SD-WAN Software (affected versions not specified)
Description
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This issue is due to improper protections on file access through the CLI. An attacker could exploit this by running a CLI command that targets an arbitrary file on the local system, potentially disclosing sensitive information.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Generation of Error Message Containing Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Sd-Wan