cisco-sa-ios-xe-sdwan-VQAhEjYw: Cisco IOS XE SD-WAN Software Command Injection Vulnerability
First published: Wed Mar 22 2023(Updated: )
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges.This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Standalone IOS XE SD-WAN Releases |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-ios-xe-sdwan-VQAhEjYw?
The severity of cisco-sa-ios-xe-sdwan-VQAhEjYw is high due to potential exploitation by authenticated attackers to execute arbitrary commands.
How do I fix cisco-sa-ios-xe-sdwan-VQAhEjYw?
To fix cisco-sa-ios-xe-sdwan-VQAhEjYw, you should apply the latest software updates provided by Cisco for IOS XE SD-WAN Software.
Who is affected by cisco-sa-ios-xe-sdwan-VQAhEjYw?
Organizations using Cisco IOS XE SD-WAN Software are affected by cisco-sa-ios-xe-sdwan-VQAhEjYw.
What type of attacker can exploit cisco-sa-ios-xe-sdwan-VQAhEjYw?
Only authenticated, local attackers with command execution privileges can exploit cisco-sa-ios-xe-sdwan-VQAhEjYw.
What causes the vulnerability in cisco-sa-ios-xe-sdwan-VQAhEjYw?
The vulnerability in cisco-sa-ios-xe-sdwan-VQAhEjYw is caused by insufficient input validation in the CLI of Cisco IOS XE SD-WAN Software.
- collector/cisco-recent
- agent/type
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/title
- agent/severity
- agent/weakness
- agent/description
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco standalone ios xe sd-wan releases