CVE-2021-1510

CWE-119 — Buffer Overflow4 documents4 sources

Severity

7.5HIGH

EPSS

0.9%

top 24.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Vedge 1000 Firmware Cisco Vedge 100 Firmware Cisco Vedge 100b Firmware +6 more

Timeline

PublishedMay 6

Latest updateMay 24

Description

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages9 packages

▶NVDcisco/vedge_100_firmware20.4 — 20.4.1+2

▶NVDcisco/vedge_1000_firmware20.4 — 20.4.1+2

▶NVDcisco/vedge_100b_firmware20.4 — 20.4.1+2

▶NVDcisco/vedge_100m_firmware20.4 — 20.4.1+2

▶NVDcisco/vedge_2000_firmware20.4 — 20.4.1+2

🔴Vulnerability Details

GHSA

GHSA-fhmq-3hvh-w6rm: Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of servic↗2022-05-24

▶

CVEList

Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities↗2021-05-06

▶

📋Vendor Advisories

Cisco

Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities↗2021-05-05

▶