What is the severity of CVE-2021-1514?

CVE-2021-1514 has a high severity rating due to its potential to allow authenticated attackers to execute commands with Administrator privileges.

How do I fix CVE-2021-1514?

To fix CVE-2021-1514, update your Cisco SD-WAN software to the latest versions as specified in Cisco's advisory.

What products are affected by CVE-2021-1514?

CVE-2021-1514 affects multiple Cisco SD-WAN products, notably the Catalyst SD-WAN Manager and various vBond and vManage software versions.

Who is vulnerable to CVE-2021-1514?

Authenticated, local users on affected Cisco SD-WAN devices are vulnerable to exploitation of CVE-2021-1514.

Is there a workaround for CVE-2021-1514?

There are no documented workarounds for CVE-2021-1514; users are advised to apply the recommended updates immediately.

Vulnerability/
CVE-2021-1514

high

7.8

CWE

78 20

6/5/2021

8/11/2024

CVE-2021-1514: Cisco SD-WAN Software Privilege Escalation Vulnerability

First published: Thu May 06 2021(Updated: )

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Catalyst SD-WAN Manager	>=20.1<20.1.1
Cisco Catalyst SD-WAN Manager	>=20.3<20.3.1
Cisco Catalyst SD-WAN Manager	>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager	>=20.5<20.5.1
Cisco vBond Orchestrator	<18.3
Cisco vBond Orchestrator	>=20.1<20.1.1
Cisco vBond Orchestrator	>=20.3<20.3.1
Cisco vBond Orchestrator	>=20.4<20.4.1
Cisco vBond Orchestrator	>=20.5<20.5.1
Cisco SD-WAN Solution Software	<18.3
Cisco SD-WAN vSmart Controller	<18.3
Cisco SD-WAN vSmart Controller	>=20.1<20.1.1
Cisco SD-WAN vSmart Controller	>=20.3<20.3.1
Cisco SD-WAN vSmart Controller	>=20.4<20.4.1
Cisco SD-WAN vSmart Controller	>=20.5<20.5.1
Cisco SD-WAN vSmart Controller
Cisco vEdge-1000 Firmware	<18.3
Cisco vEdge-1000 Firmware	>=20.1<20.1.1
Cisco vEdge-1000 Firmware	>=20.3<20.3.1
Cisco vEdge-1000 Firmware	>=20.4<20.4.1
Cisco vEdge-1000 Firmware	>=20.5<20.5.1
Cisco vEdge 100 Router
Cisco vEdge-1000 Firmware	<18.3
Cisco vEdge-1000 Firmware	>=20.1<20.1.1
Cisco vEdge-1000 Firmware	>=20.3<20.3.1
Cisco vEdge-1000 Firmware	>=20.4<20.4.1
Cisco vEdge-1000 Firmware	>=20.5<20.5.1
Cisco vEdge 1000 Router
Cisco vEdge 100b Firmware	<18.3
Cisco vEdge 100b Firmware	>=20.1<20.1.1
Cisco vEdge 100b Firmware	>=20.3<20.3.1
Cisco vEdge 100b Firmware	>=20.4<20.4.1
Cisco vEdge 100b Firmware	>=20.5<20.5.1
Cisco vEdge 100b Router
Cisco vEdge 100M Firmware	<18.3
Cisco vEdge 100M Firmware	>=20.1<20.1.1
Cisco vEdge 100M Firmware	>=20.3<20.3.1
Cisco vEdge 100M Firmware	>=20.4<20.4.1
Cisco vEdge 100M Firmware	>=20.5<20.5.1
Cisco vEdge 100m router
Cisco vEdge 100WM Firmware	<18.3
Cisco vEdge 100WM Firmware	>=20.1<20.1.1
Cisco vEdge 100WM Firmware	>=20.3<20.3.1
Cisco vEdge 100WM Firmware	>=20.4<20.4.1
Cisco vEdge 100WM Firmware	>=20.5<20.5.1
Cisco vEdge 100wm router
Cisco vEdge-2000 Firmware	<18.3
Cisco vEdge-2000 Firmware	>=20.1<20.1.1
Cisco vEdge-2000 Firmware	>=20.3<20.3.1
Cisco vEdge-2000 Firmware	>=20.4<20.4.1
Cisco vEdge-2000 Firmware	>=20.5<20.5.1
Cisco vEdge 2000 router
Cisco vEdge-5000 firmware	<18.3
Cisco vEdge-5000 firmware	>=20.1<20.1.1
Cisco vEdge-5000 firmware	>=20.3<20.3.1
Cisco vEdge-5000 firmware	>=20.4<20.4.1
Cisco vEdge-5000 firmware	>=20.5<20.5.1
Cisco vEdge-5000 firmware
Cisco vEdge 100b Firmware	<18.3
Cisco vEdge 100b Firmware	>=20.1<20.1.1
Cisco vEdge 100b Firmware	>=20.3<20.3.1
Cisco vEdge 100b Firmware	>=20.4<20.4.1
Cisco vEdge 100b Firmware	>=20.5<20.5.1
Cisco vEdge 100b Firmware
Cisco vEdge Cloud Firmware	<18.3
Cisco vEdge Cloud Firmware	>=20.1<20.1.1
Cisco vEdge Cloud Firmware	>=20.3<20.3.1
Cisco vEdge Cloud Firmware	>=20.4<20.4.1
Cisco vEdge Cloud Firmware	>=20.5<20.5.1
Cisco vEdge Cloud

Never miss a vulnerability like this again

Reference Links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy

Frequently Asked Questions

What is the severity of CVE-2021-1514?
CVE-2021-1514 has a high severity rating due to its potential to allow authenticated attackers to execute commands with Administrator privileges.
How do I fix CVE-2021-1514?
To fix CVE-2021-1514, update your Cisco SD-WAN software to the latest versions as specified in Cisco's advisory.
What products are affected by CVE-2021-1514?
CVE-2021-1514 affects multiple Cisco SD-WAN products, notably the Catalyst SD-WAN Manager and various vBond and vManage software versions.
Who is vulnerable to CVE-2021-1514?
Authenticated, local users on affected Cisco SD-WAN devices are vulnerable to exploitation of CVE-2021-1514.
Is there a workaround for CVE-2021-1514?
There are no documented workarounds for CVE-2021-1514; users are advised to apply the recommended updates immediately.

agent/author
agent/weakness
agent/type
agent/title
agent/severity
agent/references
agent/description
agent/first-publish-date
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-index
vendor/cisco
canonical/cisco catalyst sd-wan manager
version/cisco catalyst sd-wan manager/20.1
version/cisco catalyst sd-wan manager/20.3
version/cisco catalyst sd-wan manager/20.4
version/cisco catalyst sd-wan manager/20.5
canonical/cisco vbond orchestrator
version/cisco vbond orchestrator/20.1
version/cisco vbond orchestrator/20.3
version/cisco vbond orchestrator/20.4
version/cisco vbond orchestrator/20.5
canonical/cisco sd-wan solution software
canonical/cisco sd-wan vsmart controller
version/cisco sd-wan vsmart controller/20.1
version/cisco sd-wan vsmart controller/20.3
version/cisco sd-wan vsmart controller/20.4
version/cisco sd-wan vsmart controller/20.5
canonical/cisco vedge-1000 firmware
version/cisco vedge-1000 firmware/20.1
version/cisco vedge-1000 firmware/20.3
version/cisco vedge-1000 firmware/20.4
version/cisco vedge-1000 firmware/20.5
canonical/cisco vedge 100 router
canonical/cisco vedge 1000 router
canonical/cisco vedge 100b firmware
version/cisco vedge 100b firmware/20.1
version/cisco vedge 100b firmware/20.3
version/cisco vedge 100b firmware/20.4
version/cisco vedge 100b firmware/20.5
canonical/cisco vedge 100b router
canonical/cisco vedge 100m firmware
version/cisco vedge 100m firmware/20.1
version/cisco vedge 100m firmware/20.3
version/cisco vedge 100m firmware/20.4
version/cisco vedge 100m firmware/20.5
canonical/cisco vedge 100m router
canonical/cisco vedge 100wm firmware
version/cisco vedge 100wm firmware/20.1
version/cisco vedge 100wm firmware/20.3
version/cisco vedge 100wm firmware/20.4
version/cisco vedge 100wm firmware/20.5
canonical/cisco vedge 100wm router
canonical/cisco vedge-2000 firmware
version/cisco vedge-2000 firmware/20.1
version/cisco vedge-2000 firmware/20.3
version/cisco vedge-2000 firmware/20.4
version/cisco vedge-2000 firmware/20.5
canonical/cisco vedge 2000 router
canonical/cisco vedge-5000 firmware
version/cisco vedge-5000 firmware/20.1
version/cisco vedge-5000 firmware/20.3
version/cisco vedge-5000 firmware/20.4
version/cisco vedge-5000 firmware/20.5
canonical/cisco vedge cloud firmware
version/cisco vedge cloud firmware/20.1
version/cisco vedge cloud firmware/20.3
version/cisco vedge cloud firmware/20.4
version/cisco vedge cloud firmware/20.5
canonical/cisco vedge cloud