Vulnerabilities > Cisco > Vedge 100M Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2021-1528 | Execution with Unnecessary Privileges vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. | 7.8 |
| 2021-05-06 | CVE-2021-1509 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2021-05-06 | CVE-2021-1510 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2021-05-06 | CVE-2021-1513 | Improper Input Validation vulnerability in Cisco products A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2021-05-06 | CVE-2021-1514 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. | 7.8 |
| 2018-07-18 | CVE-2018-0351 | Command Injection vulnerability in Cisco products A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.8 |
| 2018-07-18 | CVE-2018-0350 | Command Injection vulnerability in Cisco products A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 8.8 |
| 2018-07-18 | CVE-2018-0348 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2018-07-18 | CVE-2018-0347 | Command Injection vulnerability in Cisco products A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.8 |
| 2018-07-18 | CVE-2018-0346 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |