A vulnerability, which was classified as critical, has been found in Cisco SD-WAN (Network Management Software) (affected version not known). Affected by this issue is an unknown code. Upgrading eliminates this vulnerability.

Field01/21/2021 08:54 AM02/18/2021 06:10 PM02/18/2021 06:15 PM
cvss3_vuldb_rcCCC
identifiercisco-sa-sdwan-cmdinjm-9QMSmgcncisco-sa-sdwan-cmdinjm-9QMSmgcncisco-sa-sdwan-cmdinjm-9QMSmgcn
urlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-cmdinjm-9QMSmgcnhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-cmdinjm-9QMSmgcnhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-cmdinjm-9QMSmgcn
nameUpgradeUpgradeUpgrade
cveCVE-2021-1263CVE-2021-1263CVE-2021-1263
vendorCiscoCiscoCisco
nameSD-WANSD-WANSD-WAN
cwe77 (privilege escalation)77 (privilege escalation)77 (privilege escalation)
risk222
cvss3_vuldb_avPPP
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
cvss3_vuldb_rlOOO
date1611183600 (01/21/2021)1611183600 (01/21/2021)1611183600 (01/21/2021)
typeNetwork Management SoftwareNetwork Management SoftwareNetwork Management Software
cvss2_vuldb_avLLL
cvss2_vuldb_acLLL
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore6.86.86.8
cvss2_vuldb_tempscore6.85.95.9
cvss3_vuldb_basescore6.66.66.6
cvss3_vuldb_tempscore6.66.36.3
cvss3_meta_basescore6.66.67.2
cvss3_meta_tempscore6.66.36.9
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned16052220001605222000
cve_nvd_summaryMultiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory.Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory.
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prL
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avL
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciC
cvss2_nvd_iiC
cvss2_nvd_aiC
cve_cnaCisco Systems, Inc.
cvss2_nvd_basescore7.2
cvss3_nvd_basescore7.8

Do you know our Splunk app?

Download it now for free!