Lucene search

CiscoCVE-2021-1510

HistoryMay 06, 2021 - 1:15 p.m.

CVE-2021-1510

2021-05-0613:15:10

CWE-119

cisco

web.nvd.nist.gov

cve-2021-1510

cisco

sd-wan

vedge

software

vulnerability

arbitrary code

root user

denial of service

dos

advisory

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

47.0%

JSON

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

Nvd

Node

ciscovedge_100_firmwareRange20.4–20.4.1

ciscovedge_100_firmwareRange20.5–20.5.1

ciscovedge_100_firmwareMatch19.2.99

AND

ciscovedge_100Match-

Node

ciscovedge_1000_firmwareRange20.4–20.4.1

ciscovedge_1000_firmwareRange20.5–20.5.1

ciscovedge_1000_firmwareMatch19.2.99

AND

ciscovedge_1000Match-

Node

ciscovedge_100b_firmwareRange20.4–20.4.1

ciscovedge_100b_firmwareRange20.5–20.5.1

ciscovedge_100b_firmwareMatch19.2.99

AND

ciscovedge_100bMatch-

Node

ciscovedge_100m_firmwareRange20.4–20.4.1

ciscovedge_100m_firmwareRange20.5–20.5.1

ciscovedge_100m_firmwareMatch19.2.99

AND

ciscovedge_100mMatch-

Node

ciscovedge_100wm_firmwareRange20.4–20.4.1

ciscovedge_100wm_firmwareRange20.5–20.5.1

ciscovedge_100wm_firmwareMatch19.2.99

AND

ciscovedge_100wmMatch-

Node

ciscovedge_2000_firmwareRange20.4–20.4.1

ciscovedge_2000_firmwareRange20.5–20.5.1

ciscovedge_2000_firmwareMatch19.2.99

AND

ciscovedge_2000Match-

Node

ciscovedge_5000_firmwareRange20.4–20.4.1

ciscovedge_5000_firmwareRange20.5–20.5.1

ciscovedge_5000_firmwareMatch19.2.99

AND

ciscovedge_5000Match-

Node

ciscovedge_100b_firmwareRange20.4–20.4.1

ciscovedge_100b_firmwareRange20.5–20.5.1

ciscovedge_100b_firmwareMatch19.2.99

AND

ciscovedge_100bMatch-

Node

ciscovedge_cloud_firmwareRange20.4–20.4.1

ciscovedge_cloud_firmwareRange20.5–20.5.1

ciscovedge_cloud_firmwareMatch19.2.99

AND

ciscovedge_cloudMatch-

VendorProductVersionCPE
ciscovedge_100_firmware*cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*
ciscovedge_100_firmware19.2.99cpe:2.3:o:cisco:vedge_100_firmware:19.2.99:*:*:*:*:*:*:*
ciscovedge_100-cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*
ciscovedge_1000_firmware*cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*
ciscovedge_1000_firmware19.2.99cpe:2.3:o:cisco:vedge_1000_firmware:19.2.99:*:*:*:*:*:*:*
ciscovedge_1000-cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*
ciscovedge_100b_firmware*cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*
ciscovedge_100b_firmware19.2.99cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:*:*:*:*:*:*:*
ciscovedge_100b-cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*
ciscovedge_100m_firmware*cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	vedge_100_firmware	*	cpe:2.3:o:cisco:vedge_100_firmware::::::::
cisco	vedge_100_firmware	19.2.99	cpe:2.3:o:cisco:vedge_100_firmware:19.2.99:::::::*
cisco	vedge_100	-	cpe:2.3:h:cisco:vedge_100:-:::::::*
cisco	vedge_1000_firmware	*	cpe:2.3:o:cisco:vedge_1000_firmware::::::::
cisco	vedge_1000_firmware	19.2.99	cpe:2.3:o:cisco:vedge_1000_firmware:19.2.99:::::::*
cisco	vedge_1000	-	cpe:2.3:h:cisco:vedge_1000:-:::::::*
cisco	vedge_100b_firmware	*	cpe:2.3:o:cisco:vedge_100b_firmware::::::::
cisco	vedge_100b_firmware	19.2.99	cpe:2.3:o:cisco:vedge_100b_firmware:19.2.99:::::::*
cisco	vedge_100b	-	cpe:2.3:h:cisco:vedge_100b:-:::::::*
cisco	vedge_100m_firmware	*	cpe:2.3:o:cisco:vedge_100m_firmware::::::::

Rows per page:

1-10 of 241

CNA Affected

[
  {
    "product": "Cisco SD-WAN vEdge router",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

47.0%

JSON

Related for CVE-2021-1510