Lucene search

CiscoCISCO-SA-SD-WAN-FUERCWWF

HistoryJun 02, 2021 - 4:00 p.m.

Cisco SD-WAN Software Privilege Escalation Vulnerability

2021-06-0216:00:00

tools.cisco.com

cisco

sd-wan

vulnerability

privilege escalation

cli

authenticated

local attacker

elevated privileges

software update

root user

EPSS

Percentile

5.1%

JSON

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system.

This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF”]

Affected configurations

Vulners

Node

ciscosd-wan_solutionMatchany

ciscosd-wan_vmanageMatchany

ciscosd-wan_vedge_routerMatchany

ciscosd-wan_vedge_cloudMatchany

ciscosd-wanMatchany

ciscosd-wan_solutionMatchany

ciscosd-wan_vmanageMatchany

ciscosd-wan_vedge_routerMatchany

ciscosd-wan_vedge_cloudMatchany

ciscosd-wanMatchany

VendorProductVersionCPE
ciscosd-wan_solutionanycpe:2.3:a:cisco:sd-wan_solution:any:*:*:*:*:*:*:*
ciscosd-wan_vmanageanycpe:2.3:a:cisco:sd-wan_vmanage:any:*:*:*:*:*:*:*
ciscosd-wan_vedge_routeranycpe:2.3:a:cisco:sd-wan_vedge_router:any:*:*:*:*:*:*:*
ciscosd-wan_vedge_cloudanycpe:2.3:a:cisco:sd-wan_vedge_cloud:any:*:*:*:*:*:*:*
ciscosd-wananycpe:2.3:a:cisco:sd-wan:any:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	sd-wan_solution	any	cpe:2.3:a:cisco:sd-wan_solution:any:::::::*
cisco	sd-wan_vmanage	any	cpe:2.3:a:cisco:sd-wan_vmanage:any:::::::*
cisco	sd-wan_vedge_router	any	cpe:2.3:a:cisco:sd-wan_vedge_router:any:::::::*
cisco	sd-wan_vedge_cloud	any	cpe:2.3:a:cisco:sd-wan_vedge_cloud:any:::::::*
cisco	sd-wan	any	cpe:2.3:a:cisco:sd-wan:any:::::::*

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-fuErCWwF

EPSS

Percentile

5.1%

JSON

Related for CISCO-SA-SD-WAN-FUERCWWF