A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HCisco Catalyst Sd Wan Manager
APPCisco20.5 – 20.5.1 (bez)20.4 – 20.4.2 (bez)Cisco Sd Wan Vbond Orchestrator
APPCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)Cisco Vedge 100
HWCiscowszystkie wersjeCisco Vedge 1000
HWCiscowszystkie wersjeCisco Vedge 1000 Firmware
OSCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)Cisco Vedge 100b
HWCiscowszystkie wersjeCisco Vedge 100b Firmware
OSCisco20.5 – 20.5.1 (bez)20.4 – 20.4.2 (bez)Cisco Vedge 100 Firmware
OSCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)Cisco Vedge 100m
HWCiscowszystkie wersjeCisco Vedge 100m Firmware
OSCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)Cisco Vedge 100wm
HWCiscowszystkie wersjeCisco Vedge 100wm Firmware
OSCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)Cisco Vedge 2000
HWCiscowszystkie wersjeCisco Vedge 2000 Firmware
OSCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)Cisco Vedge 5000
HWCiscowszystkie wersjeCisco Vedge 5000 Firmware
OSCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)Cisco Vedge Cloud
HWCiscowszystkie wersjeCisco Vedge Cloud Firmware
OSCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)Cisco Vsmart Controller
APPCisco20.4 – 20.4.2 (bez)20.5 – 20.5.1 (bez)
Powiązane podatności
Cisco Catalyst SD-WAN — pominięcie uwierzytelnienia z dostępem administracyjnym
Cisco Catalyst SD-WAN — ominięcie uwierzytelnienia peering i przejęcie uprawnień
Pominięcie uwierzytelnienia w API Cisco Catalyst SD-WAN Manager
A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Softwar...
A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software cou...