VDB
CISCO-SA-SD-WAN-PRIV-E6E8TEDF
CISCO-SA-SD-WAN-PRIV-E6E8TEDF
PUBLISHED
CVSS 7.800000190734863 HIGH
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco SD-WAN vContainer | ||
| Cisco SD-WAN vEdge Cloud | ||
| Cisco SD-WAN vEdge Router | ||
| Cisco Catalyst SD-WAN | ||
| Cisco Catalyst SD-WAN Manager |
Exploit Intelligence
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF (circl)
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html (circl)
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes (circl)
- http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html (circl)
- https://www.cisco.com/c/en/us/support/index.html (circl)
- https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html (circl)
- https://www.cisco.com/go/psirt (circl)
- https://software.cisco.com (circl)
Timeline
- Sep 28, 2022 CVE Published
- Feb 25, 2026 CVE Updated
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF advisory
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html url
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes url
- http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html url
- https://www.cisco.com/c/en/us/support/index.html url
- https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html url
- https://www.cisco.com/go/psirt url
- https://software.cisco.com fix