Vulnerabilities > CVE-2021-1299 - Unspecified vulnerability in Cisco products

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

cisco

NVD

Published: 2021-01-20

Updated: 2024-11-21

Summary

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco SD WAN Firmware 18.2.0 Cisco SD WAN Firmware 18.3.0 Cisco SD WAN Firmware 18.3.8 Cisco SD WAN Firmware 18.4.6 Cisco SD WAN Firmware 19.2.3 Cisco SD WAN Firmware 19.2.99 Cisco SD WAN Firmware 20.1.0 Cisco SD WAN Vsmart Controller Firmware *	8
Hardware	Cisco Cisco Vedge 100 Router - Cisco Vedge 1000 Router - Cisco Vedge 100B Router - Cisco Vedge 100M Router - Cisco Vedge 100Wm Router - Cisco Vedge 2000 Router - Cisco Vedge 5000 Router - Cisco Vedge Cloud Router -	8
Application	Cisco Cisco SD WAN Vbond Orchestrator - Cisco Catalyst SD WAN Manager -	2

Summary

Vulnerable Configurations

References