CVE-2021-1514

HIGH

Cisco SD-WAN Software - Authenticated OS Command Injection via CLI

Title source: llm

Description

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy

Scores

CVSS v3 7.8

EPSS 0.0007

EPSS Percentile 21.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-78 CWE-20

Status published

Products (13)

cisco/catalyst_sd-wan_manager 20.1 - 20.1.1

cisco/sd-wan_vbond_orchestrator < 18.3

cisco/sd-wan_vmanage < 18.3

cisco/vedge-100b_firmware < 18.3

cisco/vedge_1000_firmware < 18.3

cisco/vedge_100_firmware < 18.3

cisco/vedge_100b_firmware < 18.3

cisco/vedge_100m_firmware < 18.3

cisco/vedge_100wm_firmware < 18.3

cisco/vedge_2000_firmware < 18.3

... and 3 more

Published May 06, 2021

Tracked Since Feb 18, 2026