CVE-2021-1528

04.06.2021, 17:15

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cisco	CNA	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 17%

Vendor	Product	Version
cisco	catalyst_sd-wan_manager	20.4 ≤ 𝑥 < 20.4.2
cisco	catalyst_sd-wan_manager	20.5 ≤ 𝑥 < 20.5.1
cisco	sd-wan_vbond_orchestrator	20.4 ≤ 𝑥 < 20.4.2
cisco	sd-wan_vbond_orchestrator	20.5 ≤ 𝑥 < 20.5.1
cisco	vsmart_controller	20.4 ≤ 𝑥 < 20.4.2
cisco	vsmart_controller	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_100_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_100_firmware	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_1000_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_1000_firmware	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_100b_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_100b_firmware	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_100m_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_100m_firmware	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_100wm_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_100wm_firmware	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_2000_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_2000_firmware	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_5000_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_5000_firmware	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_100b_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_100b_firmware	20.5 ≤ 𝑥 < 20.5.1
cisco	vedge_cloud_firmware	20.4 ≤ 𝑥 < 20.4.2
cisco	vedge_cloud_firmware	20.5 ≤ 𝑥 < 20.5.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-250 - Execution with Unnecessary Privileges
The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF