{ "id": "CVE-2021-1514", "sourceIdentifier": "ykramarz@cisco.com", "published": "2021-05-06T13:15:10.887", "lastModified": "2022-08-05T16:15:20.400", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges." }, { "lang": "es", "value": "Una vulnerabilidad en la CLI de Cisco SD-WAN Software, podr\u00eda permitir a un atacante local autenticado inyectar comandos arbitrarios para que sean ejecutados con privilegios de administrador en el Sistema Operativo subyacente. Esta vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada en determinados comandos de la CLI. Un atacante podr\u00eda explotar esta vulnerabilidad si se autentica en el dispositivo y env\u00eda una entrada dise\u00f1ada a la CLI. El atacante debe estar autenticado como un usuario poco privilegiado para ejecutar los comandos afectados. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos con privilegios de administrador" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } ], "cvssMetricV30": [ { "source": "ykramarz@cisco.com", "type": "Secondary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, "impactScore": 2.5 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 4.6 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-78" } ] }, { "source": "ykramarz@cisco.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-20" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "DBCB1ED4-B8F6-454A-A50E-1E6C5799A38B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "52660B0F-9951-4720-9243-C04D19E1C900" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "43CB0C13-B19C-4716-9079-E3187C6A8F60" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "5CBDDA10-0C6A-4AE2-A79D-6ACE91BCE422" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "3079495E-BB87-48EF-92F2-5C0DFBBDFB2D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "CA56832C-0BA7-49F8-B03D-F7A8DDBA2D76" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "F06E8F29-8F3F-4582-ACAB-DEA5515964E8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "94060004-3886-4B6C-9FD4-65CE5683BF76" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "7460DC88-4500-4792-AC40-CFCF5417B870" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "9D5CFE78-304B-42AC-A305-83F8B00B87F3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "E9F385B4-A7C9-4964-9A2F-9B246C2A4219" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "35D792D2-7C42-4E49-A024-7D8F10A5CD03" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "89290824-9E80-4DA6-B943-500A9DC80EF4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "57361E3C-D8AD-4971-8015-96B8910B847D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vsmart_controller_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "E6B61FD2-6C23-4A1A-AED4-CAD54D0715C4" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vsmart_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "FF370668-127C-409B-83FE-293B830D4FB4" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "7E03063D-9DB6-4D3A-8FFF-C530635371CC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "43E988F6-8D4D-4E75-9C43-31E92AA3F85A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "0C67D65F-5DBD-4DCE-84CF-F1F2FBA4A250" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "7BFED2F3-4C18-4BE5-9F97-2CFCE37E7A2E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "B89D5AE2-3ED3-4C57-AF93-E9750D38F029" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", "matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "BBF226AE-FF8F-4203-8DAC-438E82AEC85A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "1AD6B70F-1356-4AB4-A8DB-6BB3BAD854A6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "669F7796-2CBF-42BF-91C4-F861DF09D4B7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "50C849A5-EBF4-4CD7-93AE-503C3E0B7A05" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_1000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "834192CC-585D-445E-B2AD-D73E9CDF3FED" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "9A5A7F2E-0B61-4C4C-AE1F-BAFB735DA905" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "1158B505-4DAC-42BB-A9E5-533BCA7545F4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "427DC9A5-3374-440C-A797-DC7BBCCCB13D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "12136AD8-9113-46B9-B6A9-0C330ABB05B9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100b_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "632EBFCA-132A-4AC9-A244-7D6EBCAEAC16" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", "matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "2E77822B-DEF3-44C3-9AFE-A406ECD26EE5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "9A4C603C-9858-4048-AA20-7C7F7BB84DBD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "A51AE026-39C0-400B-8E78-21ACBF6D560F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "829BA8C4-8E99-4338-817B-9F9FF37105BE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100m_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "6375DFCF-2EEB-482B-AAD4-8FAB8F03C9C0" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", "matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "646D2962-5FB3-45E1-B743-CFDF6219742B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "B55B533F-0942-4848-A823-8D17BD9C70AC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "04BBF912-56A4-4B0D-AEDE-3B4A66E46DC6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "200199EC-2819-4DE0-828C-0F56790CA1B4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_100wm_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "104BBAE4-C7C1-4E5A-A540-AF679FCE1CD2" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", "matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "66F09F72-2D64-4952-8ED1-5B1D8817B065" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "28170198-23CE-48F9-8502-3C0F51EDCB33" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "48758B17-6BB7-45BB-AB83-36AF55238250" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "E479E1A4-0F80-4FDC-8F9F-9E23A885179A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_2000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "584863D2-B181-4CDF-8266-EEBA56A5AA85" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "5488D32F-808B-4327-8C57-13F270C02C1B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "7B559B94-0730-4F3D-90AB-E71D2E684C19" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "2090A040-270A-4BD1-8430-603C709F64E8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "4288CD57-CDEE-4B03-8163-7CDDE7767914" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_5000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "50C0D971-E2C4-4048-A08F-0A5D437866F8" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "7F1B097C-09B1-4DC6-B0F9-92E01C415DF3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "2FA95C6C-72C5-4DDF-B036-5AB2900C9C71" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "C8123987-EAD3-47D2-AD9F-167A1D52AEF7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "25953689-6E4F-477A-A251-54C1D8ED8880" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge-100b_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "3414238A-002E-48F7-82DE-FE4122B1A10A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge-100b:-:*:*:*:*:*:*:*", "matchCriteriaId": "07E7851F-3E72-4677-B907-CF777EBED2FF" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.3", "matchCriteriaId": "83F5CAE4-CB80-441B-928D-86C13570AA1B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.1", "versionEndExcluding": "20.1.1", "matchCriteriaId": "DC788143-279B-4325-988A-5FBAA4B438CC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.3", "versionEndExcluding": "20.3.1", "matchCriteriaId": "2FBE16B1-8E2A-4DF8-B362-86874FAC1F0C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.4", "versionEndExcluding": "20.4.1", "matchCriteriaId": "430D9FAC-36E8-4AB0-85F2-88D7EF1F6B7A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:vedge_cloud_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "20.5", "versionEndExcluding": "20.5.1", "matchCriteriaId": "DDBBDE43-BBAE-431B-AF56-73D9CC8743F7" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:vedge_cloud:-:*:*:*:*:*:*:*", "matchCriteriaId": "94999112-9EAA-4707-B002-F867D7628C49" } ] } ] } ], "references": [ { "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy", "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ] } ] }