CVSS: 7.8EPSS: 0%CPEs: 83EXPL: 1CVE-2022-20818 – Cisco SD-WAN Software Privilege Escalation Vulnerabilities
https://notcve.org/view.php?id=CVE-2022-20818
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Múltiples vulnerabilidades en la CLI del software Cisco SD-WAN podrían permitir a un atacante local autenticado conseguir altos privilegios. • https://github.com/mbadanoiu/CVE-2022-20818 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-25: Path Traversal: '/../filedir' •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-20716 – Cisco SD-WAN Solution Improper Access Control Vulnerability
https://notcve.org/view.php?id=CVE-2022-20716
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user. Una vulnerabilidad en la CLI del software Cisco SD-WAN podría permitir a un atacante local autenticado alcanzar altos privilegios. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-1589 – Cisco SD-WAN vManage Software Disaster Recovery Feature Password Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1589
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exists because access to API endpoints is not properly restricted. An attacker could exploit this vulnerability by sending a request to an API endpoint. A successful exploit could allow the attacker to gain unauthorized access to administrative credentials that could be used in further attacks. Una vulnerabilidad en la funcionalidad disaster recovery de Cisco SD-WAN vManage Software podría permitir a un atacante remoto autenticado conseguir acceso no autorizado a las credenciales del usuario. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-credentials-ydYfskzZ • CWE-256: Plaintext Storage of a Password CWE-522: Insufficiently Protected Credentials •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2021-34726 – Cisco SD-WAN Software Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-34726
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-cmdinjec-znUYTuC • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-1614 – Cisco SD-WAN Software Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1614
A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insufficient handling of malformed MPLS packets that are processed by a device that is running Cisco SD-WAN Software. An attacker could exploit this vulnerability by sending a crafted MPLS packet to an affected device that is running Cisco SD-WAN Software or Cisco SD-WAN vManage Software. A successful exploit could allow the attacker to gain unauthorized access to sensitive information. Una vulnerabilidad en la función de administración de paquetes Multiprotocol Label Switching (MPLS) del Software Cisco SD-WAN, podría permitir a un atacante remoto no autenticado acceder a la información almacenada en la memoria intermedia de MPLS. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-mpls-infodisclos-MSSRFkZq • CWE-126: Buffer Over-read •