CVE-2021-34723: Cisco IOS XE SD-WAN Software Arbitrary File Overwrite Vulnerability
First published: Thu Sep 23 2021(Updated: )
A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command parameters. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of the configuration database and gain root-level access to an affected device.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE | =17.3.1a | |
| Cisco Asr 1000-x | ||
| Cisco Asr 1001 | ||
| Cisco Asr 1001-x | ||
| Cisco Asr 1002 | ||
| Cisco Asr 1002-x | ||
| Cisco Asr 1004 | ||
| Cisco Asr 1006 | ||
| Cisco Asr 1013 | ||
| Cisco Asr 1023 | ||
| Cisco 4321 Integrated Services Router | ||
| Cisco 4331 Integrated Services Router | ||
| Cisco 4351 Integrated Services Router | ||
| Cisco 4431 Integrated Services Router | ||
| Cisco 1100-4g Integrated Services Router | ||
| Cisco 1100-4gltegb Integrated Services Router | ||
| Cisco 1100-4gltena Integrated Services Router | ||
| Cisco 1100-6g Integrated Services Router | ||
| Cisco 1100-lte Integrated Services Router | ||
| Cisco 1100 Integrated Services Router | ||
| Cisco Csr1000v |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-34723.
What is the severity of CVE-2021-34723?
The severity of CVE-2021-34723 is medium with a severity value of 6.7.
Which software is affected by CVE-2021-34723?
Cisco IOS XE SD-WAN Software version 17.3.1a is affected by CVE-2021-34723.
How does CVE-2021-34723 work?
CVE-2021-34723 allows an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device by exploiting a vulnerability in a specific CLI command.
How can I fix CVE-2021-34723?
To fix CVE-2021-34723, it is recommended to upgrade to a fixed version of Cisco IOS XE SD-WAN Software.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/cisco
- canonical/cisco ios xe
- version/cisco ios xe/17.3.1a
- canonical/cisco asr 1000-x
- canonical/cisco asr 1001
- canonical/cisco asr 1001-x
- canonical/cisco asr 1002
- canonical/cisco asr 1002-x
- canonical/cisco asr 1004
- canonical/cisco asr 1006
- canonical/cisco asr 1013
- canonical/cisco asr 1023
- canonical/cisco 4321 integrated services router
- canonical/cisco 4331 integrated services router
- canonical/cisco 4351 integrated services router
- canonical/cisco 4431 integrated services router
- canonical/cisco 1100-4g integrated services router
- canonical/cisco 1100-4gltegb integrated services router
- canonical/cisco 1100-4gltena integrated services router
- canonical/cisco 1100-6g integrated services router
- canonical/cisco 1100-lte integrated services router
- canonical/cisco 1100 integrated services router
- canonical/cisco csr1000v