Cisco Sd-Wan Solution vulnerabilities

CVE-2021-1241 [HIGH] CWE-119 CVE-2021-1241: Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2021-1298 [HIGH] CWE-20 CVE-2021-1298: Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform c Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2021-1299 [HIGH] CWE-20 CVE-2021-1299: Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform c Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2021-1278 [HIGH] CWE-119 CVE-2021-1278: Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2021-1263 [HIGH] CWE-20 CVE-2021-1263: Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform c Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2021-1260 [HIGH] CWE-20 CVE-2021-1260: Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform c Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2021-1261 [HIGH] CWE-20 CVE-2021-1261: Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform c Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2021-1233 [MEDIUM] CWE-20 CVE-2021-1233: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information on an affected device. The vulnerability is due to insufficient input validation of requests that are sent to the iperf tool. An attacker could exploit this vulnerability by sending a crafted request to the iperf tool, which i

CVE-2020-3600 [HIGH] CWE-269 CVE-2020-3600: A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate pri A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI utility that is running on an affected system. A successful ex

CVE-2020-3595 [HIGH] CWE-269 CVE-2020-3595: A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate pri A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. The vulnerability is due to incorrect permissions being set when the affected command is executed. An attacker could exploit this vulnerability by executing the affected command on an affected syst

CVE-2020-3594 [HIGH] CWE-269 CVE-2020-3594: A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate pri A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted options to a specific command. A successful exploit could allow the attacker t

CVE-2020-3593 [HIGH] CWE-269 CVE-2020-3593: A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate pri A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to a utility that is running on an affected system. A successful explo

CVE-2020-3444 [HIGH] CWE-20 CVE-2020-3444: A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthentic A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristic

CVE-2020-3351 [HIGH] CWE-399 CVE-2020-3351: A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to th

CVE-2020-3379 [HIGH] CWE-264 CVE-2020-3379: A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to el A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could al

CVE-2020-3266 [HIGH] CWE-77 CVE-2020-3266: A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local att A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utili

CVE-2020-3264 [HIGH] CWE-119 CVE-2020-3264: A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to ca A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain ac

CVE-2020-3265 [HIGH] CWE-264 CVE-2020-3265: A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to el A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the a

CVE-2020-3115 [HIGH] CWE-264 CVE-2020-3115: A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticate A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted file to the affected system.

CVE-2019-12629 [HIGH] CWE-77 CVE-2019-12629: A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attac A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vuln