Vulnerabilities > Cisco > Vedge 5000 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2021-1546 Information Exposure Through an Error Message vulnerability in Cisco products
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information.
local
low complexity
cisco CWE-209
5.5
2021-06-04 CVE-2021-1528 Execution with Unnecessary Privileges vulnerability in Cisco products
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system.
local
low complexity
cisco CWE-250
7.8
2021-05-06 CVE-2021-1509 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.
network
high complexity
cisco CWE-119
7.5
2021-05-06 CVE-2021-1510 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-119
7.5
2021-05-06 CVE-2021-1511 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-119
6.5
2021-05-06 CVE-2021-1512 Files or Directories Accessible to External Parties vulnerability in Cisco products
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system.
local
low complexity
cisco CWE-552
6.0
2021-05-06 CVE-2021-1513 Improper Input Validation vulnerability in Cisco products
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
7.5
2021-05-06 CVE-2021-1514 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system.
local
low complexity
cisco CWE-78
7.8
2019-01-24 CVE-2019-1650 OS Command Injection vulnerability in Cisco products
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device.
network
low complexity
cisco CWE-78
8.8
2019-01-24 CVE-2019-1648 Improper Input Validation vulnerability in Cisco products
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device.
local
low complexity
cisco CWE-20
7.8