Vulnerabilities > Cisco > IOS XE SD WAN > 17.2.0

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2021-34724 Unspecified vulnerability in Cisco IOS XE Sd-Wan
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user.
local
low complexity
cisco
6.0
6.0
2021-09-23 CVE-2021-34729 OS Command Injection vulnerability in Cisco IOS XE and IOS XE Sd-Wan
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device.
local
low complexity
cisco CWE-78
6.7
6.7
2021-03-24 CVE-2021-1371 Unspecified vulnerability in Cisco IOS XE Sd-Wan 17.2.0
A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration.
low complexity
cisco
6.6
6.6
2020-07-31 CVE-2020-3375 Improper Input Validation vulnerability in Cisco IOS XE Sd-Wan and Sd-Wan
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device.
network
low complexity
cisco CWE-20
critical
 9.8
9.8