Cisco Vedge Cloud Firmware vulnerabilities
6 known vulnerabilities affecting cisco/vedge_cloud_firmware.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-1546MEDIUMCVSS 5.5≥ 18.4, < 20.4.2≥ 20.5, < 20.5.2+1 more2021-09-23
CVE-2021-1546 [MEDIUM] CWE-209 CVE-2021-1546: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit
nvd
CVE-2021-1528HIGHCVSS 7.8≥ 20.4, < 20.4.2≥ 20.5, < 20.5.12021-06-04
CVE-2021-1528 [HIGH] CWE-250 CVE-2021-1528: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected
nvd
CVE-2021-1510HIGHCVSS 7.5≥ 20.4, < 20.4.1≥ 20.5, < 20.5.1+1 more2021-05-06
CVE-2021-1510 [HIGH] CWE-119 CVE-2021-1510: Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
nvd
CVE-2021-1509HIGHCVSS 7.5≥ 20.4, < 20.4.1≥ 20.5, < 20.5.1+1 more2021-05-06
CVE-2021-1509 [HIGH] CWE-119 CVE-2021-1509: Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
nvd
CVE-2021-1514HIGHCVSS 7.8fixed in 18.3≥ 20.1, < 20.1.1+3 more2021-05-06
CVE-2021-1514 [HIGH] CWE-20 CVE-2021-1514: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to
nvd
CVE-2021-1511MEDIUMCVSS 6.5≥ 20.4, < 20.4.1≥ 20.5, < 20.5.1+1 more2021-05-06
CVE-2021-1511 [MEDIUM] CWE-119 CVE-2021-1511: Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
nvd