QID 316969
Date Published: 2021-05-10
QID 316969: Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities(cisco-sa-sdwan-buffover-MWGucjtO)
Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to
execute arbitrary code as the root user or cause a denial of
service (DoS) condition on an affected device.
Affected Products
Cisco products if they are running a vulnerable release of Cisco SD-WAN vEdge Software:
SD-WAN vEdge Cloud Routers
SD-WAN vEdge Routers
Cisco SD-WAN Software releases :
Prior to 20.4.1
From 20.5.0 Prior to 20.5.1
Note: Support only for SD-WAN vedge-100-M.
QID detection logic:
The QID checks for Cisco SD WAN version retrieved via Unix Auth using "show system status" command.
A successful exploit could allow the attacker to conduct a controllable buffer overflow attack and
possibly execute arbitrary commands as the root user, or cause the device to reload, resulting in a DoS condition.
Customers are advised to refer to cisco-sa-sdwan-buffover-MWGucjtO for more information.
- cisco-sa-sdwan-buffover-MWGucjtO -
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO
CVEs related to QID 316969
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-sdwan-buffover-MWGucjtO |
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO |