Lucene search

[email protected]CVE-2021-1511

HistoryMay 06, 2021 - 1:15 p.m.

CVE-2021-1511

2021-05-0613:15:10

CWE-119

[email protected]

web.nvd.nist.gov

cisco

sd-wan

vedge software

vulnerability

remote code execution

dos

cve-2021-1511

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

NVD

Node

ciscovedge_100_firmwareRange20.4–20.4.1

ciscovedge_100_firmwareRange20.5–20.5.1

ciscovedge_100_firmwareMatch19.2.99

AND

ciscovedge_100Match-

Node

ciscovedge_1000_firmwareRange20.4–20.4.1

ciscovedge_1000_firmwareRange20.5–20.5.1

ciscovedge_1000_firmwareMatch19.2.99

AND

ciscovedge_1000Match-

Node

ciscovedge_100b_firmwareRange20.4–20.4.1

ciscovedge_100b_firmwareRange20.5–20.5.1

ciscovedge_100b_firmwareMatch19.2.99

AND

ciscovedge_100bMatch-

Node

ciscovedge_100m_firmwareRange20.4–20.4.1

ciscovedge_100m_firmwareRange20.5–20.5.1

ciscovedge_100m_firmwareMatch19.2.99

AND

ciscovedge_100mMatch-

Node

ciscovedge_100wm_firmwareRange20.4–20.4.1

ciscovedge_100wm_firmwareRange20.5–20.5.1

ciscovedge_100wm_firmwareMatch19.2.99

AND

ciscovedge_100wmMatch-

Node

ciscovedge_2000_firmwareRange20.4–20.4.1

ciscovedge_2000_firmwareRange20.5–20.5.1

ciscovedge_2000_firmwareMatch19.2.99

AND

ciscovedge_2000Match-

Node

ciscovedge_5000_firmwareRange20.4–20.4.1

ciscovedge_5000_firmwareRange20.5–20.5.1

ciscovedge_5000_firmwareMatch19.2.99

AND

ciscovedge_5000Match-

Node

ciscovedge_100b_firmwareRange20.4–20.4.1

ciscovedge_100b_firmwareRange20.5–20.5.1

ciscovedge_100b_firmwareMatch19.2.99

AND

ciscovedge_100bMatch-

Node

ciscovedge_cloud_firmwareRange20.4–20.4.1

ciscovedge_cloud_firmwareRange20.5–20.5.1

ciscovedge_cloud_firmwareMatch19.2.99

AND

ciscovedge_cloudMatch-

CPENameOperatorVersion
cisco:vedge_100_firmwarecisco vedge 100 firmwarelt20.4.1
cisco:vedge_100_firmwarecisco vedge 100 firmwarelt20.5.1
cisco:vedge_100_firmwarecisco vedge 100 firmwareeq19.2.99

CPE	Name	Operator	Version
cisco:vedge_100_firmware	cisco vedge 100 firmware	lt	20.4.1
cisco:vedge_100_firmware	cisco vedge 100 firmware	lt	20.5.1
cisco:vedge_100_firmware	cisco vedge 100 firmware	eq	19.2.99

CNA Affected

[
  {
    "product": "Cisco SD-WAN vEdge router ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

Related for CVE-2021-1511

nvd1 cvelist1 prion1 cisco1 nessus1