Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Ios xe sd-wan'
2021-03-24
CVE-2021-1454
CWE-88
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
CVE-2021-1432
CWE-74
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
CVE-2021-1383
CWE-20
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
2020-06-03
CVE-2020-3216
CWE-287
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device.
>>>
Vendor:
Cisco
1880
Products
IOS
Pix firewall
Router
Cisco 7xx routers
Catalyst 12xx supervisor software
Catalyst 29xx supervisor software
Catalyst 5xxx supervisor software
Ciscosecure
675 router
Cache engine
Resource manager
Pix private link
Catalyst 2900 vlan
Catos
Accesspath
As5200
As5300
As5800
System controller 3640
3660 router
7100 router
7200 router
7500 router
Ubr7200
Voice gateway as5800
Router 2500
Router 2600
Router 3600
Router 4000
Router 7200
Router 7500
Tacacs+
Secure desktop
Gigabit switch router 12008
Gigabit switch router 12012
Gigabit switch router 12016
Catalyst 3500 xl
Virtual central office 4000
Secure access control server
Arrowpoint
Content services switch
Cisco 6xx routers
Broadband operating system
Catalyst 4000
Catalyst 5000
Catalyst 6000
Aironet
Aironet ap340
Pix firewall 515
Pix firewall 520
Content services switch 11050
Content services switch 11150
Content services switch 11800
Vpn 3000 concentrator
Vpn 3005 concentrator
Vpn 3015 concentrator
Vpn 3030 concentator
Vpn 3060 concentrator
Vpn 3080 concentrator
CBOS
Aironet 340
Catalyst 2900
Content services switch 11000
Catalyst 6000 intrusion detection system module
Secure intrusion detection system
HSRP
6400 nrp 2
Tftp server
12000 router
Catalyst 2900xl
Catalyst 2948g-l3
Catalyst 2950
Catalyst 3500xl
Catalyst 3550
Catalyst 4908g-l3
Catalyst 8500
Distributed director
Sn 5420 storage router
Pix firewall manager
ICDN
Ubr920
Ubr924
Ubr925
Call manager
Aironet ap350
Ata-186
Content distribution manager 4630
Content distribution manager 4650
Content engine
Cache engine 505
Cache engine 550
Cache engine 570
Content router 4430
Webns
Vpn 500 concentrator
Iscsi driver
Vpn client
Voip phone cp-7940
Voip phone cp-7910
Voip phone cp-7960
See all Products for Vendor
Cisco
Copyright
2024
, cxsecurity.com
Back to Top