A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. The vulnerability is due to improper validation of commands to the remote management CLI of the affected application. An attacker could exploit this vulnerability by sending malicious requests to the affected application. A successful exploit could allow the attacker to inject arbitrary commands and potentially gain elevated privileges.
History

Wed, 13 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-11-06T18:15:58.758482Z

Updated: 2024-11-13T17:44:07.665Z

Reserved: 2020-10-13T00:00:00

Link: CVE-2020-27129

cve-icon Vulnrichment

Updated: 2024-08-04T16:11:35.401Z

cve-icon NVD

Status : Modified

Published: 2020-11-06T19:15:13.783

Modified: 2024-11-21T05:20:46.033

Link: CVE-2020-27129

cve-icon Redhat

No data.