Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-1612

Опубликовано: 23 сент. 2021
Источник: nvd
CVSS3: 5.5
CVSS3: 7.1
CVSS2: 6.6
EPSS Низкий

Описание

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*
Версия до 17.3.4 (исключая)

EPSS

Процентиль: 15%
0.00048
Низкий

5.5 Medium

CVSS3

7.1 High

CVSS3

6.6 Medium

CVSS2

Дефекты

CWE-61
CWE-59

Связанные уязвимости

github логотип

GHSA-hpj4-vj9f-q9hf

github
больше 3 лет назад

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.

fstec логотип

BDU:2021-05371

CVSS3: 5.5
fstec
больше 4 лет назад

Уязвимость интерфейса командной строки (CLI) программного обеспечения Cisco IOS XE SD-WAN, позволяющая нарушителю перезаписывать произвольные файлы

EPSS

Процентиль: 15%
0.00048
Низкий

5.5 Medium

CVSS3

7.1 High

CVSS3

6.6 Medium

CVSS2

Дефекты

CWE-61
CWE-59