{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T01:23:27.278","vulnerabilities":[{"cve":{"id":"CVE-2021-34724","sourceIdentifier":"psirt@cisco.com","published":"2021-09-23T03:15:18.813","lastModified":"2024-11-21T06:11:03.303","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device."},{"lang":"es","value":"Una vulnerabilidad en la CLI de Cisco IOS XE SD-WAN Software podría permitir a un atacante local autenticado elevar los privilegios y ejecutar código arbitrario en el sistema operativo subyacente como usuario root. Un atacante debe estar autenticado en un dispositivo afectado como usuario PRIV15. Esta vulnerabilidad es debido a una protección insuficiente del sistema de archivos y a la presencia de un archivo confidencial en el directorio bootflash de un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad al sobrescribir un archivo de instalación almacenado en el directorio bootflash con comandos arbitrarios que pueden ser ejecutados con privilegios de nivel root. Una explotación con éxito podría permitir al atacante leer y escribir cambios en la base de datos de configuración del dispositivo afectado"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:N","baseScore":6.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":9.2,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*","versionEndIncluding":"17.3.1a","matchCriteriaId":"B9AD971B-2DB8-416D-B895-B1D0867C8F55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"F4856E07-B3C2-4674-9584-866F6AF643B2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"A6F668B9-2C1D-4306-8286-35E67D0F67C7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"A2D2305B-B69E-4F74-A44E-07B3205CE9F7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"1952B64C-4AE0-4CCB-86C5-8D1FF6A12822"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"5AAD4397-6DCF-493A-BD61-3A890F6F3AB2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"5EB8A757-7888-4AC2-BE44-B89DB83C6C77"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"BB9229F3-7BCE-46C4-9879-D57B5BAAE44E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"B80890A8-E3D3-462C-B125-9E9BC6525B02"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"0547E196-5991-4C33-823A-342542E9DFD3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"802CBFC1-8A2F-4BF7-A1D3-00622C33BE16"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"D916389F-54DB-44CB-91DD-7CE3C7059350"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:422_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"03A273EE-41C1-41E9-9002-46F83FC6533F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"6C8AED7C-DDA3-4C29-BB95-6518C02C551A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"9421DBEF-AE42-4234-B49F-FCC34B804D7F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"5419CB9F-241F-4431-914F-2659BE27BEA5"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"5720462A-BE6B-4E84-A1A1-01E80BBA86AD"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"818CEFA6-208C-43C3-8E43-474A93ADCF21"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"82225D40-537F-41D2-B1C4-1B7D06466B06"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"E8B60888-6E2B-494E-AC65-83337661EE7D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*","matchCriteriaId":"91209C16-A620-44A0-9134-8AA456343F29"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*","matchCriteriaId":"3C5C1005-0C12-4EDA-BC4A-B52201C4F516"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*","matchCriteriaId":"FE2182E7-C813-4966-A36C-E648A9344299"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1000_series:-:*:*:*:*:*:*:*","matchCriteriaId":"76B7C13F-46C5-460A-A6C9-3837A28A0CE2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1000_series_route_processor_\\(rp2\\):-:*:*:*:*:*:*:*","matchCriteriaId":"C02F9303-F9DF-4166-AB4B-8C26B9FAD109"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1000_series_route_processor_\\(rp3\\):-:*:*:*:*:*:*:*","matchCriteriaId":"372CB4D6-BB22-4521-9C18-C0A663717168"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*","matchCriteriaId":"ED7C321E-F083-4AB6-96A0-D6358980441E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*","matchCriteriaId":"7594E307-AC80-41EC-AE94-07E664A7D701"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*","matchCriteriaId":"33208B25-0CBB-4E31-A892-60B7B5625155"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*","matchCriteriaId":"09C913FF-63D5-43FB-8B39-598EF436BA5A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*","matchCriteriaId":"241EEBD9-76E4-4AE6-96B8-1C1ACD834F17"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*","matchCriteriaId":"E4376E56-A21C-4642-A85D-439C8E21CD7F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*","matchCriteriaId":"CD2794BD-C8CE-46EF-9857-1723FCF04E46"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*","matchCriteriaId":"CC03A84F-C8F2-4225-9A00-8FA35368CD57"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*","matchCriteriaId":"444F688F-79D0-4F22-B530-7BD520080B8F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*","matchCriteriaId":"51F2A755-556C-4C5E-8622-96D124319AF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*","matchCriteriaId":"55DD2272-10C2-43B9-9F13-6DC41DBE179B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*","matchCriteriaId":"7428E0A8-1641-47FB-9CA9-34311DEF660D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*","matchCriteriaId":"DE7401B7-094C-46EB-9869-2F0372E8B26B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*","matchCriteriaId":"8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*","matchCriteriaId":"854D9594-FE84-4E7B-BA21-A3287F2DC302"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*","matchCriteriaId":"C81CC6E3-B989-4730-820E-46734E3E608D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*","matchCriteriaId":"BF8B0B49-2C99-410B-B011-5B821C5992FB"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}