Search

Find a vulnerability

Search criteria

    52 vulnerabilities found for ios_xe_sd-wan by cisco

    CVE-2025-20352 (GCVE-0-2025-20352)

    Vulnerability from nvd – Published: 2025-09-24 17:10 – Updated: 2026-02-26 17:48
    VLAI CISA KEVIntel
    Summary
    A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system. Note: This vulnerability affects all versions of SNMP.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Cisco IOS Affected: 12.2(55)SE
    Affected: 12.2(55)SE3
    Affected: 12.2(55)SE2
    Affected: 12.2(58)SE
    Affected: 12.2(55)SE1
    Affected: 12.2(58)SE1
    Affected: 12.2(55)SE4
    Affected: 12.2(58)SE2
    Affected: 12.2(55)SE5
    Affected: 12.2(55)SE6
    Affected: 12.2(55)SE7
    Affected: 12.2(55)SE8
    Affected: 12.2(55)SE9
    Affected: 12.2(55)SE10
    Affected: 12.2(55)SE11
    Affected: 12.2(55)SE12
    Affected: 12.2(55)SE13
    Affected: 12.2(58)EZ
    Affected: 12.2(53)EZ
    Affected: 12.2(55)EZ
    Affected: 12.2(60)EZ
    Affected: 12.2(60)EZ1
    Affected: 12.2(60)EZ2
    Affected: 12.2(60)EZ3
    Affected: 12.2(60)EZ4
    Affected: 12.2(60)EZ5
    Affected: 12.2(60)EZ6
    Affected: 12.2(60)EZ7
    Affected: 12.2(60)EZ8
    Affected: 12.2(60)EZ9
    Affected: 12.2(60)EZ10
    Affected: 12.2(60)EZ11
    Affected: 12.2(60)EZ12
    Affected: 12.2(60)EZ13
    Affected: 12.2(60)EZ14
    Affected: 12.2(60)EZ15
    Affected: 12.2(33)SXI2
    Affected: 12.2(33)SXI3
    Affected: 12.2(33)SXI5
    Affected: 12.2(33)SXI4a
    Affected: 12.2(33)SXI4
    Affected: 12.2(33)SXI2a
    Affected: 12.2(33)SXI
    Affected: 12.2(33)SXI6
    Affected: 12.2(33)SXI7
    Affected: 12.2(33)SXI1
    Affected: 12.2(33)SXI8
    Affected: 12.2(33)SXI9
    Affected: 12.2(33)SXI8a
    Affected: 12.2(33)SXI10
    Affected: 12.2(33)SXI11
    Affected: 12.2(33)SXI12
    Affected: 12.2(33)SXI13
    Affected: 12.2(33)SXI14
    Affected: 12.2(50)SQ2
    Affected: 12.2(50)SQ1
    Affected: 12.2(50)SQ
    Affected: 12.2(50)SQ3
    Affected: 12.2(50)SQ4
    Affected: 12.2(50)SQ5
    Affected: 12.2(50)SQ6
    Affected: 12.2(50)SQ7
    Affected: 15.3(1)T
    Affected: 15.3(2)T
    Affected: 15.3(1)T1
    Affected: 15.3(1)T2
    Affected: 15.3(1)T3
    Affected: 15.3(1)T4
    Affected: 15.3(2)T1
    Affected: 15.3(2)T2
    Affected: 15.3(2)T3
    Affected: 15.3(2)T4
    Affected: 15.0(1)EY
    Affected: 15.0(1)EY1
    Affected: 15.0(1)EY2
    Affected: 15.0(2)EY
    Affected: 15.0(2)EY1
    Affected: 15.0(2)EY2
    Affected: 15.0(2)EY3
    Affected: 15.0(1)SE
    Affected: 15.0(2)SE
    Affected: 15.0(1)SE1
    Affected: 15.0(1)SE2
    Affected: 15.0(1)SE3
    Affected: 15.0(2)SE1
    Affected: 15.0(2)SE2
    Affected: 15.0(2)SE3
    Affected: 15.0(2)SE4
    Affected: 15.0(2)SE5
    Affected: 15.0(2)SE6
    Affected: 15.0(2)SE7
    Affected: 15.0(2)SE8
    Affected: 15.0(2)SE9
    Affected: 15.0(2)SE10
    Affected: 15.0(2)SE11
    Affected: 15.0(2)SE10a
    Affected: 15.0(2)SE12
    Affected: 15.0(2)SE13
    Affected: 15.0(1)SY
    Affected: 15.0(1)SY1
    Affected: 15.0(1)SY2
    Affected: 15.0(1)SY3
    Affected: 15.0(1)SY4
    Affected: 15.0(1)SY5
    Affected: 15.0(1)SY6
    Affected: 15.0(1)SY7
    Affected: 15.0(1)SY8
    Affected: 15.0(1)SY7a
    Affected: 15.0(1)SY9
    Affected: 15.0(1)SY10
    Affected: 12.2(33)SXJ
    Affected: 12.2(33)SXJ1
    Affected: 12.2(33)SXJ2
    Affected: 12.2(33)SXJ3
    Affected: 12.2(33)SXJ4
    Affected: 12.2(33)SXJ5
    Affected: 12.2(33)SXJ6
    Affected: 12.2(33)SXJ7
    Affected: 12.2(33)SXJ8
    Affected: 12.2(33)SXJ9
    Affected: 12.2(33)SXJ10
    Affected: 15.1(1)SG
    Affected: 15.1(2)SG
    Affected: 15.1(1)SG1
    Affected: 15.1(1)SG2
    Affected: 15.1(2)SG1
    Affected: 15.1(2)SG2
    Affected: 15.1(2)SG3
    Affected: 15.1(2)SG4
    Affected: 15.1(2)SG5
    Affected: 15.1(2)SG6
    Affected: 15.1(2)SG7
    Affected: 15.1(2)SG8
    Affected: 15.2(4)M
    Affected: 15.2(4)M1
    Affected: 15.2(4)M2
    Affected: 15.2(4)M4
    Affected: 15.2(4)M3
    Affected: 15.2(4)M5
    Affected: 15.2(4)M8
    Affected: 15.2(4)M10
    Affected: 15.2(4)M7
    Affected: 15.2(4)M6
    Affected: 15.2(4)M9
    Affected: 15.2(4)M6a
    Affected: 15.2(4)M11
    Affected: 15.0(2)SG
    Affected: 15.0(2)SG1
    Affected: 15.0(2)SG2
    Affected: 15.0(2)SG3
    Affected: 15.0(2)SG4
    Affected: 15.0(2)SG5
    Affected: 15.0(2)SG6
    Affected: 15.0(2)SG7
    Affected: 15.0(2)SG8
    Affected: 15.0(2)SG9
    Affected: 15.0(2)SG10
    Affected: 15.0(2)SG11
    Affected: 15.2(2)GC
    Affected: 15.2(3)GC
    Affected: 15.2(3)GC1
    Affected: 15.2(4)GC
    Affected: 15.2(4)GC1
    Affected: 15.2(4)GC2
    Affected: 15.2(4)GC3
    Affected: 15.1(1)SY
    Affected: 15.1(1)SY1
    Affected: 15.1(2)SY
    Affected: 15.1(2)SY1
    Affected: 15.1(2)SY2
    Affected: 15.1(1)SY2
    Affected: 15.1(1)SY3
    Affected: 15.1(2)SY3
    Affected: 15.1(1)SY4
    Affected: 15.1(2)SY4
    Affected: 15.1(1)SY5
    Affected: 15.1(2)SY5
    Affected: 15.1(2)SY4a
    Affected: 15.1(1)SY6
    Affected: 15.1(2)SY6
    Affected: 15.1(2)SY7
    Affected: 15.1(2)SY8
    Affected: 15.1(2)SY9
    Affected: 15.1(2)SY10
    Affected: 15.1(2)SY11
    Affected: 15.1(2)SY12
    Affected: 15.1(2)SY13
    Affected: 15.1(2)SY14
    Affected: 15.1(2)SY15
    Affected: 15.1(2)SY16
    Affected: 15.4(1)T
    Affected: 15.4(2)T
    Affected: 15.4(1)T2
    Affected: 15.4(1)T1
    Affected: 15.4(1)T3
    Affected: 15.4(2)T1
    Affected: 15.4(2)T3
    Affected: 15.4(2)T2
    Affected: 15.4(1)T4
    Affected: 15.4(2)T4
    Affected: 15.0(2)EA
    Affected: 15.0(2)EA1
    Affected: 15.2(1)E
    Affected: 15.2(2)E
    Affected: 15.2(1)E1
    Affected: 15.2(3)E
    Affected: 15.2(1)E2
    Affected: 15.2(1)E3
    Affected: 15.2(2)E1
    Affected: 15.2(4)E
    Affected: 15.2(3)E1
    Affected: 15.2(2)E2
    Affected: 15.2(2a)E1
    Affected: 15.2(2)E3
    Affected: 15.2(2a)E2
    Affected: 15.2(3)E2
    Affected: 15.2(3a)E
    Affected: 15.2(3)E3
    Affected: 15.2(4)E1
    Affected: 15.2(2)E4
    Affected: 15.2(2)E5
    Affected: 15.2(4)E2
    Affected: 15.2(3)E4
    Affected: 15.2(5)E
    Affected: 15.2(4)E3
    Affected: 15.2(2)E6
    Affected: 15.2(5a)E
    Affected: 15.2(5)E1
    Affected: 15.2(5b)E
    Affected: 15.2(2)E5a
    Affected: 15.2(5c)E
    Affected: 15.2(2)E5b
    Affected: 15.2(5a)E1
    Affected: 15.2(4)E4
    Affected: 15.2(2)E7
    Affected: 15.2(5)E2
    Affected: 15.2(6)E
    Affected: 15.2(4)E5
    Affected: 15.2(5)E2c
    Affected: 15.2(2)E8
    Affected: 15.2(6)E0a
    Affected: 15.2(6)E1
    Affected: 15.2(6)E0c
    Affected: 15.2(4)E6
    Affected: 15.2(6)E2
    Affected: 15.2(2)E9
    Affected: 15.2(4)E7
    Affected: 15.2(7)E
    Affected: 15.2(2)E10
    Affected: 15.2(4)E8
    Affected: 15.2(6)E2a
    Affected: 15.2(6)E2b
    Affected: 15.2(7)E1
    Affected: 15.2(7)E0a
    Affected: 15.2(7)E0b
    Affected: 15.2(7)E0s
    Affected: 15.2(6)E3
    Affected: 15.2(4)E9
    Affected: 15.2(7)E2
    Affected: 15.2(7a)E0b
    Affected: 15.2(4)E10
    Affected: 15.2(7)E3
    Affected: 15.2(7)E1a
    Affected: 15.2(7b)E0b
    Affected: 15.2(7)E2a
    Affected: 15.2(4)E10a
    Affected: 15.2(7)E4
    Affected: 15.2(7)E3k
    Affected: 15.2(8)E
    Affected: 15.2(8)E1
    Affected: 15.2(7)E5
    Affected: 15.2(7)E6
    Affected: 15.2(8)E2
    Affected: 15.2(4)E10d
    Affected: 15.2(7)E7
    Affected: 15.2(8)E3
    Affected: 15.2(7)E8
    Affected: 15.2(8)E4
    Affected: 15.2(7)E9
    Affected: 15.2(8)E5
    Affected: 15.2(8)E6
    Affected: 15.2(7)E10
    Affected: 15.2(7)E11
    Affected: 15.2(8)E7
    Affected: 15.2(7)E12
    Affected: 15.2(2)JB
    Affected: 15.2(2)JB2
    Affected: 15.2(4)JB
    Affected: 15.2(2)JB3
    Affected: 15.2(4)JB1
    Affected: 15.2(4)JB2
    Affected: 15.2(4)JB3
    Affected: 15.2(4)JB3a
    Affected: 15.2(2)JB4
    Affected: 15.2(4)JB4
    Affected: 15.2(4)JB3h
    Affected: 15.2(4)JB3b
    Affected: 15.2(4)JB5
    Affected: 15.2(4)JB6
    Affected: 15.2(2)JB5
    Affected: 15.2(2)JB6
    Affected: 15.2(2)JAX
    Affected: 15.3(3)M
    Affected: 15.3(3)M1
    Affected: 15.3(3)M2
    Affected: 15.3(3)M3
    Affected: 15.3(3)M5
    Affected: 15.3(3)M4
    Affected: 15.3(3)M6
    Affected: 15.3(3)M7
    Affected: 15.3(3)M8
    Affected: 15.3(3)M9
    Affected: 15.3(3)M10
    Affected: 15.3(3)M8a
    Affected: 15.2(4)JN
    Affected: 15.2(1)EY
    Affected: 15.0(2)EJ
    Affected: 15.0(2)EJ1
    Affected: 15.2(1)SY
    Affected: 15.2(1)SY1
    Affected: 15.2(1)SY0a
    Affected: 15.2(1)SY2
    Affected: 15.2(2)SY
    Affected: 15.2(1)SY1a
    Affected: 15.2(2)SY1
    Affected: 15.2(2)SY2
    Affected: 15.2(1)SY3
    Affected: 15.2(1)SY4
    Affected: 15.2(2)SY3
    Affected: 15.2(1)SY5
    Affected: 15.2(1)SY6
    Affected: 15.2(1)SY7
    Affected: 15.2(1)SY8
    Affected: 15.2(5)EX
    Affected: 15.0(2)EK
    Affected: 15.0(2)EK1
    Affected: 15.4(1)CG
    Affected: 15.4(1)CG1
    Affected: 15.4(2)CG
    Affected: 15.5(1)S
    Affected: 15.5(2)S
    Affected: 15.5(1)S1
    Affected: 15.5(3)S
    Affected: 15.5(1)S2
    Affected: 15.5(1)S3
    Affected: 15.5(2)S1
    Affected: 15.5(2)S2
    Affected: 15.5(3)S1
    Affected: 15.5(3)S1a
    Affected: 15.5(2)S3
    Affected: 15.5(3)S2
    Affected: 15.5(3)S0a
    Affected: 15.5(3)S3
    Affected: 15.5(1)S4
    Affected: 15.5(2)S4
    Affected: 15.5(3)S4
    Affected: 15.5(3)S5
    Affected: 15.5(3)S6
    Affected: 15.5(3)S6a
    Affected: 15.5(3)S7
    Affected: 15.5(3)S6b
    Affected: 15.5(3)S8
    Affected: 15.5(3)S9
    Affected: 15.5(3)S10
    Affected: 15.5(3)S9a
    Affected: 15.5(1)T
    Affected: 15.5(1)T1
    Affected: 15.5(2)T
    Affected: 15.5(1)T2
    Affected: 15.5(1)T3
    Affected: 15.5(2)T1
    Affected: 15.5(2)T2
    Affected: 15.5(2)T3
    Affected: 15.5(2)T4
    Affected: 15.5(1)T4
    Affected: 15.2(2)EA
    Affected: 15.2(2)EA1
    Affected: 15.2(2)EA2
    Affected: 15.2(3)EA
    Affected: 15.2(4)EA
    Affected: 15.2(4)EA1
    Affected: 15.2(2)EA3
    Affected: 15.2(4)EA3
    Affected: 15.2(5)EA
    Affected: 15.2(4)EA4
    Affected: 15.2(4)EA5
    Affected: 15.2(4)EA6
    Affected: 15.2(4)EA7
    Affected: 15.2(4)EA8
    Affected: 15.2(4)EA9
    Affected: 15.2(4)EA9a
    Affected: 15.3(3)JN3
    Affected: 15.3(3)JN4
    Affected: 15.3(3)JN7
    Affected: 15.3(3)JN8
    Affected: 15.3(3)JN9
    Affected: 15.5(3)M
    Affected: 15.5(3)M1
    Affected: 15.5(3)M0a
    Affected: 15.5(3)M2
    Affected: 15.5(3)M3
    Affected: 15.5(3)M4
    Affected: 15.5(3)M4a
    Affected: 15.5(3)M5
    Affected: 15.5(3)M6
    Affected: 15.5(3)M7
    Affected: 15.5(3)M6a
    Affected: 15.5(3)M8
    Affected: 15.5(3)M9
    Affected: 15.5(3)M10
    Affected: 15.3(3)JA1m
    Affected: 15.3(3)JA1
    Affected: 15.3(3)JA4
    Affected: 15.3(3)JA5
    Affected: 15.3(3)JA6
    Affected: 15.3(3)JA7
    Affected: 15.3(3)JA8
    Affected: 15.3(3)JA10
    Affected: 15.3(3)JA11
    Affected: 15.3(3)JA12
    Affected: 15.3(3)JAA
    Affected: 15.3(3)JAA11
    Affected: 15.3(3)JAA12
    Affected: 15.3(3)JAB
    Affected: 15.3(3)JB
    Affected: 15.5(3)SN
    Affected: 15.0(2)SQD
    Affected: 15.0(2)SQD1
    Affected: 15.0(2)SQD2
    Affected: 15.0(2)SQD3
    Affected: 15.0(2)SQD4
    Affected: 15.0(2)SQD5
    Affected: 15.0(2)SQD6
    Affected: 15.0(2)SQD7
    Affected: 15.0(2)SQD8
    Affected: 15.6(1)S
    Affected: 15.6(2)S
    Affected: 15.6(2)S1
    Affected: 15.6(1)S1
    Affected: 15.6(1)S2
    Affected: 15.6(2)S2
    Affected: 15.6(1)S3
    Affected: 15.6(2)S3
    Affected: 15.6(1)S4
    Affected: 15.6(2)S4
    Affected: 15.6(1)T
    Affected: 15.6(2)T
    Affected: 15.6(1)T0a
    Affected: 15.6(1)T1
    Affected: 15.6(2)T1
    Affected: 15.6(1)T2
    Affected: 15.6(2)T2
    Affected: 15.6(1)T3
    Affected: 15.6(2)T3
    Affected: 15.3(3)JNB
    Affected: 15.3(3)JNB1
    Affected: 15.3(3)JNB2
    Affected: 15.3(3)JNB3
    Affected: 15.3(3)JNB4
    Affected: 15.3(3)JNB6
    Affected: 15.3(3)JNB5
    Affected: 15.3(3)JAX
    Affected: 15.3(3)JAX1
    Affected: 15.3(3)JAX2
    Affected: 15.3(3)JBB
    Affected: 15.3(3)JBB1
    Affected: 15.3(3)JBB2
    Affected: 15.3(3)JBB4
    Affected: 15.3(3)JBB5
    Affected: 15.3(3)JBB6
    Affected: 15.3(3)JBB8
    Affected: 15.3(3)JBB6a
    Affected: 15.3(3)JC
    Affected: 15.3(3)JC1
    Affected: 15.3(3)JC2
    Affected: 15.3(3)JC3
    Affected: 15.3(3)JC4
    Affected: 15.3(3)JC5
    Affected: 15.3(3)JC6
    Affected: 15.3(3)JC8
    Affected: 15.3(3)JC9
    Affected: 15.3(3)JC14
    Affected: 15.3(1)SY
    Affected: 15.3(1)SY1
    Affected: 15.3(1)SY2
    Affected: 15.3(3)JNC
    Affected: 15.3(3)JNC1
    Affected: 15.3(3)JNC4
    Affected: 15.3(3)JNP
    Affected: 15.3(3)JNP1
    Affected: 15.3(3)JNP3
    Affected: 15.6(2)SP
    Affected: 15.6(2)SP1
    Affected: 15.6(2)SP2
    Affected: 15.6(2)SP3
    Affected: 15.6(2)SP4
    Affected: 15.6(2)SP5
    Affected: 15.6(2)SP6
    Affected: 15.6(2)SP7
    Affected: 15.6(2)SP8
    Affected: 15.6(2)SP9
    Affected: 15.6(2)SN
    Affected: 15.3(3)JPB
    Affected: 15.3(3)JPB1
    Affected: 15.3(3)JD
    Affected: 15.3(3)JD2
    Affected: 15.3(3)JD3
    Affected: 15.3(3)JD4
    Affected: 15.3(3)JD5
    Affected: 15.3(3)JD6
    Affected: 15.3(3)JD7
    Affected: 15.3(3)JD8
    Affected: 15.3(3)JD9
    Affected: 15.3(3)JD11
    Affected: 15.3(3)JD13
    Affected: 15.3(3)JD14
    Affected: 15.3(3)JD16
    Affected: 15.3(3)JD17
    Affected: 15.6(3)M
    Affected: 15.6(3)M1
    Affected: 15.6(3)M0a
    Affected: 15.6(3)M1b
    Affected: 15.6(3)M2
    Affected: 15.6(3)M2a
    Affected: 15.6(3)M3
    Affected: 15.6(3)M3a
    Affected: 15.6(3)M4
    Affected: 15.6(3)M5
    Affected: 15.6(3)M6
    Affected: 15.6(3)M7
    Affected: 15.6(3)M6a
    Affected: 15.6(3)M6b
    Affected: 15.6(3)M8
    Affected: 15.6(3)M9
    Affected: 15.2(4)EC1
    Affected: 15.2(4)EC2
    Affected: 15.3(3)JPC
    Affected: 15.3(3)JPC1
    Affected: 15.3(3)JPC2
    Affected: 15.3(3)JPC3
    Affected: 15.3(3)JPC5
    Affected: 15.3(3)JND
    Affected: 15.3(3)JND1
    Affected: 15.3(3)JND2
    Affected: 15.3(3)JND3
    Affected: 15.4(1)SY
    Affected: 15.4(1)SY1
    Affected: 15.4(1)SY2
    Affected: 15.4(1)SY3
    Affected: 15.4(1)SY4
    Affected: 15.3(3)JE
    Affected: 15.3(3)JPD
    Affected: 15.3(3)JDA7
    Affected: 15.3(3)JDA8
    Affected: 15.3(3)JDA9
    Affected: 15.3(3)JDA11
    Affected: 15.3(3)JDA13
    Affected: 15.3(3)JDA14
    Affected: 15.3(3)JDA16
    Affected: 15.3(3)JDA17
    Affected: 15.5(1)SY
    Affected: 15.5(1)SY1
    Affected: 15.5(1)SY2
    Affected: 15.5(1)SY3
    Affected: 15.5(1)SY4
    Affected: 15.5(1)SY5
    Affected: 15.5(1)SY6
    Affected: 15.5(1)SY7
    Affected: 15.5(1)SY8
    Affected: 15.5(1)SY9
    Affected: 15.5(1)SY10
    Affected: 15.5(1)SY11
    Affected: 15.5(1)SY12
    Affected: 15.5(1)SY13
    Affected: 15.5(1)SY14
    Affected: 15.5(1)SY15
    Affected: 15.3(3)JF
    Affected: 15.3(3)JF1
    Affected: 15.3(3)JF2
    Affected: 15.3(3)JF4
    Affected: 15.3(3)JF5
    Affected: 15.3(3)JF6
    Affected: 15.3(3)JF7
    Affected: 15.3(3)JF8
    Affected: 15.3(3)JF9
    Affected: 15.3(3)JF10
    Affected: 15.3(3)JF11
    Affected: 15.3(3)JF12
    Affected: 15.3(3)JF12i
    Affected: 15.3(3)JF14
    Affected: 15.3(3)JF14i
    Affected: 15.3(3)JF15
    Affected: 15.3(3)JCA7
    Affected: 15.3(3)JCA8
    Affected: 15.3(3)JCA9
    Affected: 15.7(3)M
    Affected: 15.7(3)M1
    Affected: 15.7(3)M0a
    Affected: 15.7(3)M3
    Affected: 15.7(3)M2
    Affected: 15.7(3)M4
    Affected: 15.7(3)M5
    Affected: 15.7(3)M4a
    Affected: 15.7(3)M4b
    Affected: 15.7(3)M6
    Affected: 15.7(3)M7
    Affected: 15.7(3)M8
    Affected: 15.7(3)M9
    Affected: 15.3(3)JG
    Affected: 15.3(3)JG1
    Affected: 15.3(3)JH
    Affected: 15.3(3)JH1
    Affected: 15.3(3)JI1
    Affected: 15.3(3)JI3
    Affected: 15.3(3)JI4
    Affected: 15.3(3)JI5
    Affected: 15.3(3)JI6
    Affected: 15.8(3)M
    Affected: 15.8(3)M1
    Affected: 15.8(3)M0a
    Affected: 15.8(3)M0b
    Affected: 15.8(3)M2
    Affected: 15.8(3)M1a
    Affected: 15.8(3)M3
    Affected: 15.8(3)M2a
    Affected: 15.8(3)M4
    Affected: 15.8(3)M3a
    Affected: 15.8(3)M3b
    Affected: 15.8(3)M5
    Affected: 15.8(3)M6
    Affected: 15.8(3)M7
    Affected: 15.8(3)M8
    Affected: 15.8(3)M9
    Affected: 15.9(3)M
    Affected: 15.9(3)M1
    Affected: 15.9(3)M0a
    Affected: 15.9(3)M2
    Affected: 15.9(3)M3
    Affected: 15.9(3)M2a
    Affected: 15.9(3)M3a
    Affected: 15.9(3)M4
    Affected: 15.9(3)M3b
    Affected: 15.9(3)M5
    Affected: 15.9(3)M4a
    Affected: 15.9(3)M6
    Affected: 15.9(3)M7
    Affected: 15.9(3)M6a
    Affected: 15.9(3)M6b
    Affected: 15.9(3)M8
    Affected: 15.9(3)M7a
    Affected: 15.9(3)M9
    Affected: 15.9(3)M8b
    Affected: 15.9(3)M10
    Affected: 15.9(3)M11
    Affected: 15.3(3)JK
    Affected: 15.3(3)JK1
    Affected: 15.3(3)JK2
    Affected: 15.3(3)JK3
    Affected: 15.3(3)JK2a
    Affected: 15.3(3)JK1t
    Affected: 15.3(3)JK4
    Affected: 15.3(3)JK5
    Affected: 15.3(3)JK6
    Affected: 15.3(3)JK7
    Affected: 15.3(3)JK8
    Affected: 15.3(3)JK8a
    Affected: 15.3(3)JK8b
    Affected: 15.3(3)JK9
    Affected: 15.3(3)JK10
    Affected: 15.3(3)JK11
    Affected: 15.3(3)JJ
    Affected: 15.3(3)JJ1
    Affected: 15.3(3)JPI1
    Affected: 15.3(3)JPI4
    Affected: 15.3(3)JPI1t
    Affected: 15.3(3)JPI5
    Affected: 15.3(3)JPI7
    Affected: 15.3(3)JPI6a
    Affected: 15.3(3)JPI8a
    Affected: 15.3(3)JPI9
    Affected: 15.3(3)JPI10
    Affected: 15.3(3)JPJ2
    Affected: 15.3(3)JPJ3
    Affected: 15.3(3)JPJ2t
    Affected: 15.3(3)JPJ3a
    Affected: 15.3(3)JPJ4
    Affected: 15.3(3)JPJ5
    Affected: 15.3(3)JPJ6
    Affected: 15.3(3)JPJ7
    Affected: 15.3(3)JPJ7c
    Affected: 15.3(3)JPJ8a
    Affected: 15.3(3)JPJ9
    Affected: 15.3(3)JPJ10
    Affected: 15.3(3)JPJ11
    Affected: 15.3(3)JPK
    Affected: 15.3(3)JPK1
    Affected: 15.3(3)JPK2
    Affected: 15.3(3)JPK3
    Affected: 15.3(3)JPK4
    Affected: 15.3(3)JPK5
    Affected: 15.3(3)JPK6
    Affected: 15.3(3)JPK7
    Affected: 15.3(3)JPK8
    Affected: 15.3(3)JPK9
    Affected: 15.3(3)JPL
    Affected: 15.3(3)JPM
    Affected: 15.3(3)JPN
    Affected: 15.3(3)JPN1
    Affected: 15.3(3)JPN2
    Affected: 15.3(3)JPN3
    Affected: 15.3(3)JPN4
    Affected: 15.3(3)JPN5
    Affected: 15.3(3)JPN6
    Affected: 15.3(3)JPO
    Affected: 15.3(3)JPP
    Affected: 15.3(3)JPQ
    Affected: 15.3(3)JPQ1
    Affected: 15.3(3)JPQ2
    Affected: 15.3(3)JPQ3
    Affected: 15.3(3)JPQ4
    Affected: 15.3(3)JPQ5
    Affected: 15.3(3)JPR
    Affected: 15.3(3)JPS
    Affected: 15.3(3)JPT
    Affected: 15.3(3)JPT1
    Affected: 15.3(3)JPT2
    Create a notification for this product.
    Cisco Cisco IOS XE Software Affected: 3.5.0E
    Affected: 3.5.1E
    Affected: 3.5.2E
    Affected: 3.5.3E
    Affected: 3.6.0E
    Affected: 3.6.1E
    Affected: 3.6.2aE
    Affected: 3.6.2E
    Affected: 3.6.3E
    Affected: 3.6.4E
    Affected: 3.6.5E
    Affected: 3.6.6E
    Affected: 3.6.5aE
    Affected: 3.6.7E
    Affected: 3.6.8E
    Affected: 3.6.7bE
    Affected: 3.6.9E
    Affected: 3.6.10E
    Affected: 3.14.0S
    Affected: 3.14.1S
    Affected: 3.14.2S
    Affected: 3.14.3S
    Affected: 3.14.4S
    Affected: 3.15.0S
    Affected: 3.15.1S
    Affected: 3.15.2S
    Affected: 3.15.1cS
    Affected: 3.15.3S
    Affected: 3.15.4S
    Affected: 3.7.0E
    Affected: 3.7.1E
    Affected: 3.7.2E
    Affected: 3.7.3E
    Affected: 3.7.4E
    Affected: 3.7.5E
    Affected: 3.5.0SQ
    Affected: 3.5.1SQ
    Affected: 3.5.2SQ
    Affected: 3.5.3SQ
    Affected: 3.5.4SQ
    Affected: 3.5.5SQ
    Affected: 3.5.6SQ
    Affected: 3.5.7SQ
    Affected: 3.5.8SQ
    Affected: 3.16.0S
    Affected: 3.16.1S
    Affected: 3.16.1aS
    Affected: 3.16.2S
    Affected: 3.16.2aS
    Affected: 3.16.0cS
    Affected: 3.16.3S
    Affected: 3.16.2bS
    Affected: 3.16.3aS
    Affected: 3.16.4S
    Affected: 3.16.4aS
    Affected: 3.16.4bS
    Affected: 3.16.5S
    Affected: 3.16.4dS
    Affected: 3.16.6S
    Affected: 3.16.7S
    Affected: 3.16.6bS
    Affected: 3.16.7aS
    Affected: 3.16.7bS
    Affected: 3.16.8S
    Affected: 3.16.9S
    Affected: 3.16.10S
    Affected: 3.17.0S
    Affected: 3.17.1S
    Affected: 3.17.2S
    Affected: 3.17.1aS
    Affected: 3.17.3S
    Affected: 3.17.4S
    Affected: 3.8.0E
    Affected: 3.8.1E
    Affected: 3.8.2E
    Affected: 3.8.3E
    Affected: 3.8.4E
    Affected: 3.8.5E
    Affected: 3.8.5aE
    Affected: 3.8.6E
    Affected: 3.8.7E
    Affected: 3.8.8E
    Affected: 3.8.9E
    Affected: 3.8.10E
    Affected: 3.18.0aS
    Affected: 3.18.0S
    Affected: 3.18.1S
    Affected: 3.18.2S
    Affected: 3.18.3S
    Affected: 3.18.4S
    Affected: 3.18.0SP
    Affected: 3.18.1SP
    Affected: 3.18.1aSP
    Affected: 3.18.1bSP
    Affected: 3.18.1cSP
    Affected: 3.18.2SP
    Affected: 3.18.2aSP
    Affected: 3.18.3SP
    Affected: 3.18.4SP
    Affected: 3.18.3aSP
    Affected: 3.18.3bSP
    Affected: 3.18.5SP
    Affected: 3.18.6SP
    Affected: 3.18.7SP
    Affected: 3.18.8aSP
    Affected: 3.18.9SP
    Affected: 3.9.0E
    Affected: 3.9.1E
    Affected: 3.9.2E
    Affected: 16.6.1
    Affected: 16.6.2
    Affected: 16.6.3
    Affected: 16.6.4
    Affected: 16.6.5
    Affected: 16.6.4a
    Affected: 16.6.5a
    Affected: 16.6.6
    Affected: 16.6.7
    Affected: 16.6.8
    Affected: 16.6.9
    Affected: 16.6.10
    Affected: 16.7.1
    Affected: 16.7.1a
    Affected: 16.7.1b
    Affected: 16.7.2
    Affected: 16.7.3
    Affected: 16.7.4
    Affected: 16.8.1
    Affected: 16.8.1a
    Affected: 16.8.1b
    Affected: 16.8.1s
    Affected: 16.8.1c
    Affected: 16.8.1d
    Affected: 16.8.2
    Affected: 16.8.1e
    Affected: 16.8.3
    Affected: 16.9.1
    Affected: 16.9.2
    Affected: 16.9.1a
    Affected: 16.9.1b
    Affected: 16.9.1s
    Affected: 16.9.3
    Affected: 16.9.4
    Affected: 16.9.3a
    Affected: 16.9.5
    Affected: 16.9.5f
    Affected: 16.9.6
    Affected: 16.9.7
    Affected: 16.9.8
    Affected: 16.10.1
    Affected: 16.10.1a
    Affected: 16.10.1b
    Affected: 16.10.1s
    Affected: 16.10.1c
    Affected: 16.10.1e
    Affected: 16.10.1d
    Affected: 16.10.2
    Affected: 16.10.1f
    Affected: 16.10.1g
    Affected: 16.10.3
    Affected: 3.10.0E
    Affected: 3.10.1E
    Affected: 3.10.0cE
    Affected: 3.10.2E
    Affected: 3.10.3E
    Affected: 16.11.1
    Affected: 16.11.1a
    Affected: 16.11.1b
    Affected: 16.11.2
    Affected: 16.11.1s
    Affected: 16.12.1
    Affected: 16.12.1s
    Affected: 16.12.1a
    Affected: 16.12.1c
    Affected: 16.12.1w
    Affected: 16.12.2
    Affected: 16.12.1y
    Affected: 16.12.2a
    Affected: 16.12.3
    Affected: 16.12.8
    Affected: 16.12.2s
    Affected: 16.12.1x
    Affected: 16.12.1t
    Affected: 16.12.4
    Affected: 16.12.3s
    Affected: 16.12.3a
    Affected: 16.12.4a
    Affected: 16.12.5
    Affected: 16.12.6
    Affected: 16.12.1z1
    Affected: 16.12.5a
    Affected: 16.12.5b
    Affected: 16.12.1z2
    Affected: 16.12.6a
    Affected: 16.12.7
    Affected: 16.12.9
    Affected: 16.12.10
    Affected: 16.12.10a
    Affected: 16.12.11
    Affected: 16.12.12
    Affected: 16.12.13
    Affected: 3.11.0E
    Affected: 3.11.1E
    Affected: 3.11.2E
    Affected: 3.11.3E
    Affected: 3.11.1aE
    Affected: 3.11.4E
    Affected: 3.11.3aE
    Affected: 3.11.5E
    Affected: 3.11.6E
    Affected: 3.11.7E
    Affected: 3.11.8E
    Affected: 3.11.9E
    Affected: 3.11.10E
    Affected: 3.11.11E
    Affected: 3.11.12E
    Affected: 17.1.1
    Affected: 17.1.1a
    Affected: 17.1.1s
    Affected: 17.1.1t
    Affected: 17.1.3
    Affected: 17.2.1
    Affected: 17.2.1r
    Affected: 17.2.1a
    Affected: 17.2.1v
    Affected: 17.2.2
    Affected: 17.2.3
    Affected: 17.3.1
    Affected: 17.3.2
    Affected: 17.3.3
    Affected: 17.3.1a
    Affected: 17.3.1w
    Affected: 17.3.2a
    Affected: 17.3.1x
    Affected: 17.3.1z
    Affected: 17.3.4
    Affected: 17.3.5
    Affected: 17.3.4a
    Affected: 17.3.6
    Affected: 17.3.4b
    Affected: 17.3.4c
    Affected: 17.3.5a
    Affected: 17.3.5b
    Affected: 17.3.7
    Affected: 17.3.8
    Affected: 17.3.8a
    Affected: 17.4.1
    Affected: 17.4.2
    Affected: 17.4.1a
    Affected: 17.4.1b
    Affected: 17.4.2a
    Affected: 17.5.1
    Affected: 17.5.1a
    Affected: 17.6.1
    Affected: 17.6.2
    Affected: 17.6.1w
    Affected: 17.6.1a
    Affected: 17.6.1x
    Affected: 17.6.3
    Affected: 17.6.1y
    Affected: 17.6.1z
    Affected: 17.6.3a
    Affected: 17.6.4
    Affected: 17.6.1z1
    Affected: 17.6.5
    Affected: 17.6.6
    Affected: 17.6.6a
    Affected: 17.6.5a
    Affected: 17.6.7
    Affected: 17.6.8
    Affected: 17.6.8a
    Affected: 17.7.1
    Affected: 17.7.1a
    Affected: 17.7.1b
    Affected: 17.7.2
    Affected: 17.10.1
    Affected: 17.10.1a
    Affected: 17.10.1b
    Affected: 17.8.1
    Affected: 17.8.1a
    Affected: 17.9.1
    Affected: 17.9.1w
    Affected: 17.9.2
    Affected: 17.9.1a
    Affected: 17.9.1x
    Affected: 17.9.1y
    Affected: 17.9.3
    Affected: 17.9.2a
    Affected: 17.9.1x1
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.9.1y1
    Affected: 17.9.5
    Affected: 17.9.4a
    Affected: 17.9.5a
    Affected: 17.9.5b
    Affected: 17.9.6
    Affected: 17.9.6a
    Affected: 17.9.7
    Affected: 17.9.5e
    Affected: 17.9.5f
    Affected: 17.9.7a
    Affected: 17.9.7b
    Affected: 17.11.1
    Affected: 17.11.1a
    Affected: 17.12.1
    Affected: 17.12.1w
    Affected: 17.12.1a
    Affected: 17.12.1x
    Affected: 17.12.2
    Affected: 17.12.3
    Affected: 17.12.2a
    Affected: 17.12.1y
    Affected: 17.12.1z
    Affected: 17.12.4
    Affected: 17.12.3a
    Affected: 17.12.1z1
    Affected: 17.12.1z2
    Affected: 17.12.4a
    Affected: 17.12.5
    Affected: 17.12.4b
    Affected: 17.12.1z3
    Affected: 17.12.5a
    Affected: 17.12.1z4
    Affected: 17.12.5b
    Affected: 17.12.5c
    Affected: 17.13.1
    Affected: 17.13.1a
    Affected: 17.14.1
    Affected: 17.14.1a
    Affected: 17.15.1
    Affected: 17.15.1w
    Affected: 17.15.1a
    Affected: 17.15.2
    Affected: 17.15.1b
    Affected: 17.15.1x
    Affected: 17.15.1z
    Affected: 17.15.3
    Affected: 17.15.2c
    Affected: 17.15.2a
    Affected: 17.15.1y
    Affected: 17.15.2b
    Affected: 17.15.3a
    Affected: 17.15.4
    Affected: 17.15.3b
    Affected: 17.16.1
    Affected: 17.16.1a
    Affected: 17.17.1
    Affected: 17.18.1
    Create a notification for this product.
    Cisco Cisco IOS XE Catalyst SD-WAN Affected: 16.9.1
    Affected: 16.9.2
    Affected: 16.9.3
    Affected: 16.9.4
    Affected: 16.10.1
    Affected: 16.10.2
    Affected: 16.10.3
    Affected: 16.10.3a
    Affected: 16.10.3b
    Affected: 16.10.4
    Affected: 16.10.5
    Affected: 16.10.6
    Affected: 16.11.1a
    Affected: 16.12.1b
    Affected: 16.12.1d
    Affected: 16.12.1e
    Affected: 16.12.2r
    Affected: 16.12.3
    Affected: 16.12.4
    Affected: 16.12.4a
    Affected: 16.12.5
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20352",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-27T03:55:24.975809Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-09-29",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20352"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:48:03.098Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20352"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-09-29T00:00:00.000Z",
                "value": "CVE-2025-20352 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IOS",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.2(55)SE"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE3"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE2"
                },
                {
                  "status": "affected",
                  "version": "12.2(58)SE"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE1"
                },
                {
                  "status": "affected",
                  "version": "12.2(58)SE1"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE4"
                },
                {
                  "status": "affected",
                  "version": "12.2(58)SE2"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE5"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE6"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE7"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE8"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE9"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE10"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE11"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE12"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE13"
                },
                {
                  "status": "affected",
                  "version": "12.2(58)EZ"
                },
                {
                  "status": "affected",
                  "version": "12.2(53)EZ"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)EZ"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ1"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ2"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ3"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ4"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ5"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ6"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ7"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ8"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ9"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ10"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ11"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ12"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ13"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ14"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ15"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI2"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI3"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI5"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI4a"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI4"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI2a"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI6"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI7"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI1"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI8"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI9"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI8a"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI10"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI11"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI12"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI13"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI14"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ2"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ1"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ3"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ4"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ5"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ6"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ7"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T1"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T2"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T3"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T4"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T1"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T2"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T3"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T4"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)EY"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)EY1"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)EY2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EY"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EY1"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EY2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EY3"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SE"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SE1"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SE2"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SE3"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE1"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE3"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE4"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE5"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE6"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE7"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE8"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE9"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE10"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE11"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE10a"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE12"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE13"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY7"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY8"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY7a"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY9"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY10"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ1"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ2"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ3"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ4"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ5"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ6"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ7"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ8"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ9"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ10"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SG"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SG1"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SG2"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG1"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG2"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG3"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG4"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG5"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG6"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG7"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG8"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M4"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M5"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M8"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M10"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M7"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M6"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M9"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M6a"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M11"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG1"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG3"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG4"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG5"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG6"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG7"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG8"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG9"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG10"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG11"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)GC"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)GC"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)GC1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)GC"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)GC1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)GC2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)GC3"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY4a"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY7"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY8"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY9"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY10"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY11"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY12"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY13"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY14"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY15"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY16"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T2"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T1"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T3"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T1"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T3"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T2"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T4"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T4"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EA"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EA1"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(2a)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(2a)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(3a)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E5"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E6"
                },
                {
                  "status": "affected",
                  "version": "15.2(5a)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(5b)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E5a"
                },
                {
                  "status": "affected",
                  "version": "15.2(5c)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E5b"
                },
                {
                  "status": "affected",
                  "version": "15.2(5a)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E7"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E5"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)E2c"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E8"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E0a"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E0c"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E6"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E9"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E7"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E10"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E8"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E2a"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E2b"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E0a"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E0b"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E0s"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E9"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(7a)E0b"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E10"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E1a"
                },
                {
                  "status": "affected",
                  "version": "15.2(7b)E0b"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E2a"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E10a"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E3k"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E5"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E6"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E10d"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E7"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E8"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E9"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E5"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E6"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E10"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E11"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E7"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E12"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB3a"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB4"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB4"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB3h"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB3b"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB5"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB6"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB5"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB6"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JAX"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M8a"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JN"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)EY"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EJ"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EJ1"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY0a"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)SY"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY1a"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY7"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY8"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)EX"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EK"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EK1"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)CG"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)CG1"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)CG"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S1"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S2"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S3"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S1"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S2"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S1"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S1a"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S3"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S2"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S0a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S3"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S4"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S4"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S4"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S5"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S6"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S6a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S7"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S6b"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S8"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S9"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S10"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S9a"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T1"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T2"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T3"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T1"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T2"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T3"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T4"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T4"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)EA"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)EA1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)EA2"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)EA"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)EA3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA3"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)EA"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA4"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA5"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA6"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA7"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA8"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA9"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA9a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN9"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M4a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M6a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA1m"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA12"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAA"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAA11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAA12"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAB"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JB"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)SN"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD1"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD3"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD4"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD5"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD6"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD7"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD8"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S1"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S1"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S2"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S2"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S3"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S3"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S4"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S4"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)T"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T0a"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T1"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)T1"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T2"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)T2"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T3"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)T3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAX"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAX1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAX2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB6a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC14"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNC"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNC1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNC4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNP"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNP1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNP3"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP1"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP2"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP3"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP4"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP5"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP6"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP7"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP8"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP9"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SN"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPB"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPB1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD13"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD14"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD16"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD17"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M1b"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M2a"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M3a"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M6a"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M6b"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EC1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EC2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JND"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JND1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JND2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JND3"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JE"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPD"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA13"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA14"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA16"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA17"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY7"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY8"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY9"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY10"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY11"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY12"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY13"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY14"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY15"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF12"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF12i"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF14"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF14i"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF15"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JCA7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JCA8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JCA9"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M4a"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M4b"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JG"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JG1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JH"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JH1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI6"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M0b"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M1a"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M2a"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M3a"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M3b"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M2a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M3a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M3b"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M4a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M6a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M6b"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M7a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M8b"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M10"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK2a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK1t"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK8a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK8b"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JJ"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JJ1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI1t"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI6a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI8a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ2t"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ3a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ7c"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ8a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPL"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPM"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPO"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPP"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPR"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPS"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPT"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPT1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPT2"
                }
              ]
            },
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.5.0E"
                },
                {
                  "status": "affected",
                  "version": "3.5.1E"
                },
                {
                  "status": "affected",
                  "version": "3.5.2E"
                },
                {
                  "status": "affected",
                  "version": "3.5.3E"
                },
                {
                  "status": "affected",
                  "version": "3.6.0E"
                },
                {
                  "status": "affected",
                  "version": "3.6.1E"
                },
                {
                  "status": "affected",
                  "version": "3.6.2aE"
                },
                {
                  "status": "affected",
                  "version": "3.6.2E"
                },
                {
                  "status": "affected",
                  "version": "3.6.3E"
                },
                {
                  "status": "affected",
                  "version": "3.6.4E"
                },
                {
                  "status": "affected",
                  "version": "3.6.5E"
                },
                {
                  "status": "affected",
                  "version": "3.6.6E"
                },
                {
                  "status": "affected",
                  "version": "3.6.5aE"
                },
                {
                  "status": "affected",
                  "version": "3.6.7E"
                },
                {
                  "status": "affected",
                  "version": "3.6.8E"
                },
                {
                  "status": "affected",
                  "version": "3.6.7bE"
                },
                {
                  "status": "affected",
                  "version": "3.6.9E"
                },
                {
                  "status": "affected",
                  "version": "3.6.10E"
                },
                {
                  "status": "affected",
                  "version": "3.14.0S"
                },
                {
                  "status": "affected",
                  "version": "3.14.1S"
                },
                {
                  "status": "affected",
                  "version": "3.14.2S"
                },
                {
                  "status": "affected",
                  "version": "3.14.3S"
                },
                {
                  "status": "affected",
                  "version": "3.14.4S"
                },
                {
                  "status": "affected",
                  "version": "3.15.0S"
                },
                {
                  "status": "affected",
                  "version": "3.15.1S"
                },
                {
                  "status": "affected",
                  "version": "3.15.2S"
                },
                {
                  "status": "affected",
                  "version": "3.15.1cS"
                },
                {
                  "status": "affected",
                  "version": "3.15.3S"
                },
                {
                  "status": "affected",
                  "version": "3.15.4S"
                },
                {
                  "status": "affected",
                  "version": "3.7.0E"
                },
                {
                  "status": "affected",
                  "version": "3.7.1E"
                },
                {
                  "status": "affected",
                  "version": "3.7.2E"
                },
                {
                  "status": "affected",
                  "version": "3.7.3E"
                },
                {
                  "status": "affected",
                  "version": "3.7.4E"
                },
                {
                  "status": "affected",
                  "version": "3.7.5E"
                },
                {
                  "status": "affected",
                  "version": "3.5.0SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.1SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.2SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.3SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.4SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.5SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.6SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.7SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.8SQ"
                },
                {
                  "status": "affected",
                  "version": "3.16.0S"
                },
                {
                  "status": "affected",
                  "version": "3.16.1S"
                },
                {
                  "status": "affected",
                  "version": "3.16.1aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.2S"
                },
                {
                  "status": "affected",
                  "version": "3.16.2aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.0cS"
                },
                {
                  "status": "affected",
                  "version": "3.16.3S"
                },
                {
                  "status": "affected",
                  "version": "3.16.2bS"
                },
                {
                  "status": "affected",
                  "version": "3.16.3aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.4S"
                },
                {
                  "status": "affected",
                  "version": "3.16.4aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.4bS"
                },
                {
                  "status": "affected",
                  "version": "3.16.5S"
                },
                {
                  "status": "affected",
                  "version": "3.16.4dS"
                },
                {
                  "status": "affected",
                  "version": "3.16.6S"
                },
                {
                  "status": "affected",
                  "version": "3.16.7S"
                },
                {
                  "status": "affected",
                  "version": "3.16.6bS"
                },
                {
                  "status": "affected",
                  "version": "3.16.7aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.7bS"
                },
                {
                  "status": "affected",
                  "version": "3.16.8S"
                },
                {
                  "status": "affected",
                  "version": "3.16.9S"
                },
                {
                  "status": "affected",
                  "version": "3.16.10S"
                },
                {
                  "status": "affected",
                  "version": "3.17.0S"
                },
                {
                  "status": "affected",
                  "version": "3.17.1S"
                },
                {
                  "status": "affected",
                  "version": "3.17.2S"
                },
                {
                  "status": "affected",
                  "version": "3.17.1aS"
                },
                {
                  "status": "affected",
                  "version": "3.17.3S"
                },
                {
                  "status": "affected",
                  "version": "3.17.4S"
                },
                {
                  "status": "affected",
                  "version": "3.8.0E"
                },
                {
                  "status": "affected",
                  "version": "3.8.1E"
                },
                {
                  "status": "affected",
                  "version": "3.8.2E"
                },
                {
                  "status": "affected",
                  "version": "3.8.3E"
                },
                {
                  "status": "affected",
                  "version": "3.8.4E"
                },
                {
                  "status": "affected",
                  "version": "3.8.5E"
                },
                {
                  "status": "affected",
                  "version": "3.8.5aE"
                },
                {
                  "status": "affected",
                  "version": "3.8.6E"
                },
                {
                  "status": "affected",
                  "version": "3.8.7E"
                },
                {
                  "status": "affected",
                  "version": "3.8.8E"
                },
                {
                  "status": "affected",
                  "version": "3.8.9E"
                },
                {
                  "status": "affected",
                  "version": "3.8.10E"
                },
                {
                  "status": "affected",
                  "version": "3.18.0aS"
                },
                {
                  "status": "affected",
                  "version": "3.18.0S"
                },
                {
                  "status": "affected",
                  "version": "3.18.1S"
                },
                {
                  "status": "affected",
                  "version": "3.18.2S"
                },
                {
                  "status": "affected",
                  "version": "3.18.3S"
                },
                {
                  "status": "affected",
                  "version": "3.18.4S"
                },
                {
                  "status": "affected",
                  "version": "3.18.0SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.1SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.1aSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.1bSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.1cSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.2SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.2aSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.3SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.4SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.3aSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.3bSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.5SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.6SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.7SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.8aSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.9SP"
                },
                {
                  "status": "affected",
                  "version": "3.9.0E"
                },
                {
                  "status": "affected",
                  "version": "3.9.1E"
                },
                {
                  "status": "affected",
                  "version": "3.9.2E"
                },
                {
                  "status": "affected",
                  "version": "16.6.1"
                },
                {
                  "status": "affected",
                  "version": "16.6.2"
                },
                {
                  "status": "affected",
                  "version": "16.6.3"
                },
                {
                  "status": "affected",
                  "version": "16.6.4"
                },
                {
                  "status": "affected",
                  "version": "16.6.5"
                },
                {
                  "status": "affected",
                  "version": "16.6.4a"
                },
                {
                  "status": "affected",
                  "version": "16.6.5a"
                },
                {
                  "status": "affected",
                  "version": "16.6.6"
                },
                {
                  "status": "affected",
                  "version": "16.6.7"
                },
                {
                  "status": "affected",
                  "version": "16.6.8"
                },
                {
                  "status": "affected",
                  "version": "16.6.9"
                },
                {
                  "status": "affected",
                  "version": "16.6.10"
                },
                {
                  "status": "affected",
                  "version": "16.7.1"
                },
                {
                  "status": "affected",
                  "version": "16.7.1a"
                },
                {
                  "status": "affected",
                  "version": "16.7.1b"
                },
                {
                  "status": "affected",
                  "version": "16.7.2"
                },
                {
                  "status": "affected",
                  "version": "16.7.3"
                },
                {
                  "status": "affected",
                  "version": "16.7.4"
                },
                {
                  "status": "affected",
                  "version": "16.8.1"
                },
                {
                  "status": "affected",
                  "version": "16.8.1a"
                },
                {
                  "status": "affected",
                  "version": "16.8.1b"
                },
                {
                  "status": "affected",
                  "version": "16.8.1s"
                },
                {
                  "status": "affected",
                  "version": "16.8.1c"
                },
                {
                  "status": "affected",
                  "version": "16.8.1d"
                },
                {
                  "status": "affected",
                  "version": "16.8.2"
                },
                {
                  "status": "affected",
                  "version": "16.8.1e"
                },
                {
                  "status": "affected",
                  "version": "16.8.3"
                },
                {
                  "status": "affected",
                  "version": "16.9.1"
                },
                {
                  "status": "affected",
                  "version": "16.9.2"
                },
                {
                  "status": "affected",
                  "version": "16.9.1a"
                },
                {
                  "status": "affected",
                  "version": "16.9.1b"
                },
                {
                  "status": "affected",
                  "version": "16.9.1s"
                },
                {
                  "status": "affected",
                  "version": "16.9.3"
                },
                {
                  "status": "affected",
                  "version": "16.9.4"
                },
                {
                  "status": "affected",
                  "version": "16.9.3a"
                },
                {
                  "status": "affected",
                  "version": "16.9.5"
                },
                {
                  "status": "affected",
                  "version": "16.9.5f"
                },
                {
                  "status": "affected",
                  "version": "16.9.6"
                },
                {
                  "status": "affected",
                  "version": "16.9.7"
                },
                {
                  "status": "affected",
                  "version": "16.9.8"
                },
                {
                  "status": "affected",
                  "version": "16.10.1"
                },
                {
                  "status": "affected",
                  "version": "16.10.1a"
                },
                {
                  "status": "affected",
                  "version": "16.10.1b"
                },
                {
                  "status": "affected",
                  "version": "16.10.1s"
                },
                {
                  "status": "affected",
                  "version": "16.10.1c"
                },
                {
                  "status": "affected",
                  "version": "16.10.1e"
                },
                {
                  "status": "affected",
                  "version": "16.10.1d"
                },
                {
                  "status": "affected",
                  "version": "16.10.2"
                },
                {
                  "status": "affected",
                  "version": "16.10.1f"
                },
                {
                  "status": "affected",
                  "version": "16.10.1g"
                },
                {
                  "status": "affected",
                  "version": "16.10.3"
                },
                {
                  "status": "affected",
                  "version": "3.10.0E"
                },
                {
                  "status": "affected",
                  "version": "3.10.1E"
                },
                {
                  "status": "affected",
                  "version": "3.10.0cE"
                },
                {
                  "status": "affected",
                  "version": "3.10.2E"
                },
                {
                  "status": "affected",
                  "version": "3.10.3E"
                },
                {
                  "status": "affected",
                  "version": "16.11.1"
                },
                {
                  "status": "affected",
                  "version": "16.11.1a"
                },
                {
                  "status": "affected",
                  "version": "16.11.1b"
                },
                {
                  "status": "affected",
                  "version": "16.11.2"
                },
                {
                  "status": "affected",
                  "version": "16.11.1s"
                },
                {
                  "status": "affected",
                  "version": "16.12.1"
                },
                {
                  "status": "affected",
                  "version": "16.12.1s"
                },
                {
                  "status": "affected",
                  "version": "16.12.1a"
                },
                {
                  "status": "affected",
                  "version": "16.12.1c"
                },
                {
                  "status": "affected",
                  "version": "16.12.1w"
                },
                {
                  "status": "affected",
                  "version": "16.12.2"
                },
                {
                  "status": "affected",
                  "version": "16.12.1y"
                },
                {
                  "status": "affected",
                  "version": "16.12.2a"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.8"
                },
                {
                  "status": "affected",
                  "version": "16.12.2s"
                },
                {
                  "status": "affected",
                  "version": "16.12.1x"
                },
                {
                  "status": "affected",
                  "version": "16.12.1t"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.12.3s"
                },
                {
                  "status": "affected",
                  "version": "16.12.3a"
                },
                {
                  "status": "affected",
                  "version": "16.12.4a"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                },
                {
                  "status": "affected",
                  "version": "16.12.6"
                },
                {
                  "status": "affected",
                  "version": "16.12.1z1"
                },
                {
                  "status": "affected",
                  "version": "16.12.5a"
                },
                {
                  "status": "affected",
                  "version": "16.12.5b"
                },
                {
                  "status": "affected",
                  "version": "16.12.1z2"
                },
                {
                  "status": "affected",
                  "version": "16.12.6a"
                },
                {
                  "status": "affected",
                  "version": "16.12.7"
                },
                {
                  "status": "affected",
                  "version": "16.12.9"
                },
                {
                  "status": "affected",
                  "version": "16.12.10"
                },
                {
                  "status": "affected",
                  "version": "16.12.10a"
                },
                {
                  "status": "affected",
                  "version": "16.12.11"
                },
                {
                  "status": "affected",
                  "version": "16.12.12"
                },
                {
                  "status": "affected",
                  "version": "16.12.13"
                },
                {
                  "status": "affected",
                  "version": "3.11.0E"
                },
                {
                  "status": "affected",
                  "version": "3.11.1E"
                },
                {
                  "status": "affected",
                  "version": "3.11.2E"
                },
                {
                  "status": "affected",
                  "version": "3.11.3E"
                },
                {
                  "status": "affected",
                  "version": "3.11.1aE"
                },
                {
                  "status": "affected",
                  "version": "3.11.4E"
                },
                {
                  "status": "affected",
                  "version": "3.11.3aE"
                },
                {
                  "status": "affected",
                  "version": "3.11.5E"
                },
                {
                  "status": "affected",
                  "version": "3.11.6E"
                },
                {
                  "status": "affected",
                  "version": "3.11.7E"
                },
                {
                  "status": "affected",
                  "version": "3.11.8E"
                },
                {
                  "status": "affected",
                  "version": "3.11.9E"
                },
                {
                  "status": "affected",
                  "version": "3.11.10E"
                },
                {
                  "status": "affected",
                  "version": "3.11.11E"
                },
                {
                  "status": "affected",
                  "version": "3.11.12E"
                },
                {
                  "status": "affected",
                  "version": "17.1.1"
                },
                {
                  "status": "affected",
                  "version": "17.1.1a"
                },
                {
                  "status": "affected",
                  "version": "17.1.1s"
                },
                {
                  "status": "affected",
                  "version": "17.1.1t"
                },
                {
                  "status": "affected",
                  "version": "17.1.3"
                },
                {
                  "status": "affected",
                  "version": "17.2.1"
                },
                {
                  "status": "affected",
                  "version": "17.2.1r"
                },
                {
                  "status": "affected",
                  "version": "17.2.1a"
                },
                {
                  "status": "affected",
                  "version": "17.2.1v"
                },
                {
                  "status": "affected",
                  "version": "17.2.2"
                },
                {
                  "status": "affected",
                  "version": "17.2.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.1"
                },
                {
                  "status": "affected",
                  "version": "17.3.2"
                },
                {
                  "status": "affected",
                  "version": "17.3.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.1a"
                },
                {
                  "status": "affected",
                  "version": "17.3.1w"
                },
                {
                  "status": "affected",
                  "version": "17.3.2a"
                },
                {
                  "status": "affected",
                  "version": "17.3.1x"
                },
                {
                  "status": "affected",
                  "version": "17.3.1z"
                },
                {
                  "status": "affected",
                  "version": "17.3.4"
                },
                {
                  "status": "affected",
                  "version": "17.3.5"
                },
                {
                  "status": "affected",
                  "version": "17.3.4a"
                },
                {
                  "status": "affected",
                  "version": "17.3.6"
                },
                {
                  "status": "affected",
                  "version": "17.3.4b"
                },
                {
                  "status": "affected",
                  "version": "17.3.4c"
                },
                {
                  "status": "affected",
                  "version": "17.3.5a"
                },
                {
                  "status": "affected",
                  "version": "17.3.5b"
                },
                {
                  "status": "affected",
                  "version": "17.3.7"
                },
                {
                  "status": "affected",
                  "version": "17.3.8"
                },
                {
                  "status": "affected",
                  "version": "17.3.8a"
                },
                {
                  "status": "affected",
                  "version": "17.4.1"
                },
                {
                  "status": "affected",
                  "version": "17.4.2"
                },
                {
                  "status": "affected",
                  "version": "17.4.1a"
                },
                {
                  "status": "affected",
                  "version": "17.4.1b"
                },
                {
                  "status": "affected",
                  "version": "17.4.2a"
                },
                {
                  "status": "affected",
                  "version": "17.5.1"
                },
                {
                  "status": "affected",
                  "version": "17.5.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1"
                },
                {
                  "status": "affected",
                  "version": "17.6.2"
                },
                {
                  "status": "affected",
                  "version": "17.6.1w"
                },
                {
                  "status": "affected",
                  "version": "17.6.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1x"
                },
                {
                  "status": "affected",
                  "version": "17.6.3"
                },
                {
                  "status": "affected",
                  "version": "17.6.1y"
                },
                {
                  "status": "affected",
                  "version": "17.6.1z"
                },
                {
                  "status": "affected",
                  "version": "17.6.3a"
                },
                {
                  "status": "affected",
                  "version": "17.6.4"
                },
                {
                  "status": "affected",
                  "version": "17.6.1z1"
                },
                {
                  "status": "affected",
                  "version": "17.6.5"
                },
                {
                  "status": "affected",
                  "version": "17.6.6"
                },
                {
                  "status": "affected",
                  "version": "17.6.6a"
                },
                {
                  "status": "affected",
                  "version": "17.6.5a"
                },
                {
                  "status": "affected",
                  "version": "17.6.7"
                },
                {
                  "status": "affected",
                  "version": "17.6.8"
                },
                {
                  "status": "affected",
                  "version": "17.6.8a"
                },
                {
                  "status": "affected",
                  "version": "17.7.1"
                },
                {
                  "status": "affected",
                  "version": "17.7.1a"
                },
                {
                  "status": "affected",
                  "version": "17.7.1b"
                },
                {
                  "status": "affected",
                  "version": "17.7.2"
                },
                {
                  "status": "affected",
                  "version": "17.10.1"
                },
                {
                  "status": "affected",
                  "version": "17.10.1a"
                },
                {
                  "status": "affected",
                  "version": "17.10.1b"
                },
                {
                  "status": "affected",
                  "version": "17.8.1"
                },
                {
                  "status": "affected",
                  "version": "17.8.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1"
                },
                {
                  "status": "affected",
                  "version": "17.9.1w"
                },
                {
                  "status": "affected",
                  "version": "17.9.2"
                },
                {
                  "status": "affected",
                  "version": "17.9.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1x"
                },
                {
                  "status": "affected",
                  "version": "17.9.1y"
                },
                {
                  "status": "affected",
                  "version": "17.9.3"
                },
                {
                  "status": "affected",
                  "version": "17.9.2a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1x1"
                },
                {
                  "status": "affected",
                  "version": "17.9.3a"
                },
                {
                  "status": "affected",
                  "version": "17.9.4"
                },
                {
                  "status": "affected",
                  "version": "17.9.1y1"
                },
                {
                  "status": "affected",
                  "version": "17.9.5"
                },
                {
                  "status": "affected",
                  "version": "17.9.4a"
                },
                {
                  "status": "affected",
                  "version": "17.9.5a"
                },
                {
                  "status": "affected",
                  "version": "17.9.5b"
                },
                {
                  "status": "affected",
                  "version": "17.9.6"
                },
                {
                  "status": "affected",
                  "version": "17.9.6a"
                },
                {
                  "status": "affected",
                  "version": "17.9.7"
                },
                {
                  "status": "affected",
                  "version": "17.9.5e"
                },
                {
                  "status": "affected",
                  "version": "17.9.5f"
                },
                {
                  "status": "affected",
                  "version": "17.9.7a"
                },
                {
                  "status": "affected",
                  "version": "17.9.7b"
                },
                {
                  "status": "affected",
                  "version": "17.11.1"
                },
                {
                  "status": "affected",
                  "version": "17.11.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1"
                },
                {
                  "status": "affected",
                  "version": "17.12.1w"
                },
                {
                  "status": "affected",
                  "version": "17.12.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1x"
                },
                {
                  "status": "affected",
                  "version": "17.12.2"
                },
                {
                  "status": "affected",
                  "version": "17.12.3"
                },
                {
                  "status": "affected",
                  "version": "17.12.2a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1y"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z"
                },
                {
                  "status": "affected",
                  "version": "17.12.4"
                },
                {
                  "status": "affected",
                  "version": "17.12.3a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z1"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z2"
                },
                {
                  "status": "affected",
                  "version": "17.12.4a"
                },
                {
                  "status": "affected",
                  "version": "17.12.5"
                },
                {
                  "status": "affected",
                  "version": "17.12.4b"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z3"
                },
                {
                  "status": "affected",
                  "version": "17.12.5a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z4"
                },
                {
                  "status": "affected",
                  "version": "17.12.5b"
                },
                {
                  "status": "affected",
                  "version": "17.12.5c"
                },
                {
                  "status": "affected",
                  "version": "17.13.1"
                },
                {
                  "status": "affected",
                  "version": "17.13.1a"
                },
                {
                  "status": "affected",
                  "version": "17.14.1"
                },
                {
                  "status": "affected",
                  "version": "17.14.1a"
                },
                {
                  "status": "affected",
                  "version": "17.15.1"
                },
                {
                  "status": "affected",
                  "version": "17.15.1w"
                },
                {
                  "status": "affected",
                  "version": "17.15.1a"
                },
                {
                  "status": "affected",
                  "version": "17.15.2"
                },
                {
                  "status": "affected",
                  "version": "17.15.1b"
                },
                {
                  "status": "affected",
                  "version": "17.15.1x"
                },
                {
                  "status": "affected",
                  "version": "17.15.1z"
                },
                {
                  "status": "affected",
                  "version": "17.15.3"
                },
                {
                  "status": "affected",
                  "version": "17.15.2c"
                },
                {
                  "status": "affected",
                  "version": "17.15.2a"
                },
                {
                  "status": "affected",
                  "version": "17.15.1y"
                },
                {
                  "status": "affected",
                  "version": "17.15.2b"
                },
                {
                  "status": "affected",
                  "version": "17.15.3a"
                },
                {
                  "status": "affected",
                  "version": "17.15.4"
                },
                {
                  "status": "affected",
                  "version": "17.15.3b"
                },
                {
                  "status": "affected",
                  "version": "17.16.1"
                },
                {
                  "status": "affected",
                  "version": "17.16.1a"
                },
                {
                  "status": "affected",
                  "version": "17.17.1"
                },
                {
                  "status": "affected",
                  "version": "17.18.1"
                }
              ]
            },
            {
              "product": "Cisco IOS XE Catalyst SD-WAN",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.9.1"
                },
                {
                  "status": "affected",
                  "version": "16.9.2"
                },
                {
                  "status": "affected",
                  "version": "16.9.3"
                },
                {
                  "status": "affected",
                  "version": "16.9.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.1"
                },
                {
                  "status": "affected",
                  "version": "16.10.2"
                },
                {
                  "status": "affected",
                  "version": "16.10.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.3a"
                },
                {
                  "status": "affected",
                  "version": "16.10.3b"
                },
                {
                  "status": "affected",
                  "version": "16.10.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.5"
                },
                {
                  "status": "affected",
                  "version": "16.10.6"
                },
                {
                  "status": "affected",
                  "version": "16.11.1a"
                },
                {
                  "status": "affected",
                  "version": "16.12.1b"
                },
                {
                  "status": "affected",
                  "version": "16.12.1d"
                },
                {
                  "status": "affected",
                  "version": "16.12.1e"
                },
                {
                  "status": "affected",
                  "version": "16.12.2r"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.12.4a"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:\r\n\r \r An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. \r An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. \r \r An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. \r\n\r This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.\r\n\r Note: This vulnerability affects all versions of SNMP."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised. Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-30T16:18:05.082Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-snmp-x4LPhte",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snmp-x4LPhte",
            "defects": [
              "CSCwq31287"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20352",
        "datePublished": "2025-09-24T17:10:42.891Z",
        "dateReserved": "2024-10-10T19:15:13.257Z",
        "dateUpdated": "2026-02-26T17:48:03.098Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20151 (GCVE-0-2025-20151)

    Vulnerability from nvd – Published: 2025-05-07 17:18 – Updated: 2025-05-07 19:46
    VLAI
    Title
    Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability
    Summary
    A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration. This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied. Note: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials. For more information, see the section of this advisory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco IOS XE Catalyst SD-WAN Affected: 16.10.6
    Affected: 16.12.3
    Affected: 16.12.1
    Affected: 16.12.1a
    Affected: 16.12.4a
    Affected: 16.12.2r
    Affected: 16.12.1c
    Affected: 16.10.4
    Affected: 16.12.1b1
    Affected: 16.10.5
    Affected: 16.12.4
    Affected: 16.10.3
    Affected: 16.10.3a
    Affected: 16.12.1b
    Affected: 16.10.3b
    Affected: 16.12.1d
    Affected: 16.11.1s
    Affected: 16.9.1
    Affected: 16.11.1a
    Affected: 16.11.1d
    Affected: 16.9.2
    Affected: 16.10.1
    Affected: 16.11.1f
    Affected: 16.9.4
    Affected: 16.9.3
    Affected: 16.10.2
    Affected: 16.12.1e
    Affected: 16.11.1b
    Affected: 16.11.1
    Affected: 16.12.5
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20151",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-07T18:56:21.184209Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-07T19:46:24.894Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco IOS XE Catalyst SD-WAN",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.10.6"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.1"
                },
                {
                  "status": "affected",
                  "version": "16.12.1a"
                },
                {
                  "status": "affected",
                  "version": "16.12.4a"
                },
                {
                  "status": "affected",
                  "version": "16.12.2r"
                },
                {
                  "status": "affected",
                  "version": "16.12.1c"
                },
                {
                  "status": "affected",
                  "version": "16.10.4"
                },
                {
                  "status": "affected",
                  "version": "16.12.1b1"
                },
                {
                  "status": "affected",
                  "version": "16.10.5"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.3a"
                },
                {
                  "status": "affected",
                  "version": "16.12.1b"
                },
                {
                  "status": "affected",
                  "version": "16.10.3b"
                },
                {
                  "status": "affected",
                  "version": "16.12.1d"
                },
                {
                  "status": "affected",
                  "version": "16.11.1s"
                },
                {
                  "status": "affected",
                  "version": "16.9.1"
                },
                {
                  "status": "affected",
                  "version": "16.11.1a"
                },
                {
                  "status": "affected",
                  "version": "16.11.1d"
                },
                {
                  "status": "affected",
                  "version": "16.9.2"
                },
                {
                  "status": "affected",
                  "version": "16.10.1"
                },
                {
                  "status": "affected",
                  "version": "16.11.1f"
                },
                {
                  "status": "affected",
                  "version": "16.9.4"
                },
                {
                  "status": "affected",
                  "version": "16.9.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.2"
                },
                {
                  "status": "affected",
                  "version": "16.12.1e"
                },
                {
                  "status": "affected",
                  "version": "16.11.1b"
                },
                {
                  "status": "affected",
                  "version": "16.11.1"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration.\r\n\r\nThis vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied.\r\nNote: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials.\r\nFor more information, see the  section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-16",
                  "description": "Configuration",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-07T17:18:44.414Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-snmpv3-qKEYvzsy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snmpv3-qKEYvzsy",
            "defects": [
              "CSCwi84832"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20151",
        "datePublished": "2025-05-07T17:18:44.414Z",
        "dateReserved": "2024-10-10T19:15:13.216Z",
        "dateUpdated": "2025-05-07T19:46:24.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20373 (GCVE-0-2024-20373)

    Vulnerability from nvd – Published: 2024-11-15 14:52 – Updated: 2024-11-15 16:20
    VLAI
    Title
    Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability
    Summary
    A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.  This vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials. SNMP with IPv6 ACL configurations is not affected. For more information, see the section of this advisory.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco IOS XE Catalyst SD-WAN Affected: 16.10.6
    Affected: 16.12.3
    Affected: 16.12.1
    Affected: 16.10.4
    Affected: 16.10.5
    Affected: 16.12.4
    Affected: 16.10.3
    Affected: 16.10.3a
    Affected: 16.10.3b
    Affected: 16.11.1s
    Affected: 16.11.1a
    Affected: 16.10.1
    Affected: 16.11.1f
    Affected: 16.9.4
    Affected: 16.9.3
    Affected: 16.10.2
    Affected: 16.11.1b
    Affected: 16.11.1
    Affected: 16.12.5
    Affected: 16.11.1d
    Create a notification for this product.
    cisco ios_xe_catalyst_sd-wan Affected: 16.10.1
    Affected: 16.10.2
    Affected: 16.10.3
    Affected: 16.10.3a
    Affected: 16.10.3b
    Affected: 16.10.4
    Affected: 16.10.5
    Affected: 16.10.6
    Affected: 16.11.1
    Affected: 16.11.1a
    Affected: 16.11.1b
    Affected: 16.11.1d
    Affected: 16.11.1f
    Affected: 16.11.1s
    Affected: 16.12.1
    Affected: 16.12.3
    Affected: 16.12.4
    Affected: 16.12.5
    Affected: 16.9.3
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3a:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3b:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1a:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1b:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1d:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1f:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1s:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.9.3:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3a:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3b:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1a:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1b:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1d:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1f:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1s:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.9.3:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ios_xe_catalyst_sd-wan",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "16.10.1"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.2"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.3"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.3a"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.3b"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.4"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.5"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.6"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1a"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1b"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1d"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1f"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1s"
                  },
                  {
                    "status": "affected",
                    "version": "16.12.1"
                  },
                  {
                    "status": "affected",
                    "version": "16.12.3"
                  },
                  {
                    "status": "affected",
                    "version": "16.12.4"
                  },
                  {
                    "status": "affected",
                    "version": "16.12.5"
                  },
                  {
                    "status": "affected",
                    "version": "16.9.3"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20373",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:20:19.710967Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T16:20:59.945Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco IOS XE Catalyst SD-WAN",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.10.6"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.1"
                },
                {
                  "status": "affected",
                  "version": "16.10.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.5"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.3a"
                },
                {
                  "status": "affected",
                  "version": "16.10.3b"
                },
                {
                  "status": "affected",
                  "version": "16.11.1s"
                },
                {
                  "status": "affected",
                  "version": "16.11.1a"
                },
                {
                  "status": "affected",
                  "version": "16.10.1"
                },
                {
                  "status": "affected",
                  "version": "16.11.1f"
                },
                {
                  "status": "affected",
                  "version": "16.9.4"
                },
                {
                  "status": "affected",
                  "version": "16.9.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.2"
                },
                {
                  "status": "affected",
                  "version": "16.11.1b"
                },
                {
                  "status": "affected",
                  "version": "16.11.1"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                },
                {
                  "status": "affected",
                  "version": "16.11.1d"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.\u0026nbsp;\r\n\r\nThis vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials.\r\nSNMP with IPv6 ACL configurations is not affected.\r\nFor more information, see the  section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-15T14:52:34.137Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-snmp-uwBXfqww",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uwBXfqww"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snmp-uwBXfqww",
            "defects": [
              "CSCwe24431"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20373",
        "datePublished": "2024-11-15T14:52:34.137Z",
        "dateReserved": "2023-11-08T15:08:07.654Z",
        "dateUpdated": "2024-11-15T16:20:59.945Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20455 (GCVE-0-2024-20455)

    Vulnerability from nvd – Published: 2024-09-25 16:18 – Updated: 2024-09-25 19:47
    VLAI
    Summary
    A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco IOS XE Software Affected: 17.1.1
    Affected: 17.1.1a
    Affected: 17.1.1s
    Affected: 17.1.1t
    Affected: 17.1.3
    Affected: 17.2.1
    Affected: 17.2.1r
    Affected: 17.2.1a
    Affected: 17.2.1v
    Affected: 17.2.2
    Affected: 17.2.3
    Affected: 17.3.1
    Affected: 17.3.2
    Affected: 17.3.3
    Affected: 17.3.1a
    Affected: 17.3.1w
    Affected: 17.3.2a
    Affected: 17.3.1x
    Affected: 17.3.1z
    Affected: 17.3.4
    Affected: 17.3.5
    Affected: 17.3.4a
    Affected: 17.3.6
    Affected: 17.3.4b
    Affected: 17.3.4c
    Affected: 17.3.5a
    Affected: 17.3.5b
    Affected: 17.3.7
    Affected: 17.3.8
    Affected: 17.3.8a
    Affected: 17.4.1
    Affected: 17.4.2
    Affected: 17.4.1a
    Affected: 17.4.1b
    Affected: 17.4.2a
    Affected: 17.5.1
    Affected: 17.5.1a
    Affected: 17.6.1
    Affected: 17.6.2
    Affected: 17.6.1w
    Affected: 17.6.1a
    Affected: 17.6.1x
    Affected: 17.6.3
    Affected: 17.6.1y
    Affected: 17.6.1z
    Affected: 17.6.3a
    Affected: 17.6.4
    Affected: 17.6.1z1
    Affected: 17.6.5
    Affected: 17.6.6
    Affected: 17.6.6a
    Affected: 17.6.5a
    Affected: 17.7.1
    Affected: 17.7.1a
    Affected: 17.7.1b
    Affected: 17.7.2
    Affected: 17.10.1
    Affected: 17.10.1a
    Affected: 17.10.1b
    Affected: 17.8.1
    Affected: 17.8.1a
    Affected: 17.9.1
    Affected: 17.9.1w
    Affected: 17.9.2
    Affected: 17.9.1a
    Affected: 17.9.1x
    Affected: 17.9.1y
    Affected: 17.9.3
    Affected: 17.9.2a
    Affected: 17.9.1x1
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.9.1y1
    Affected: 17.9.5
    Affected: 17.9.4a
    Affected: 17.9.5a
    Affected: 17.9.5b
    Affected: 17.11.1
    Affected: 17.11.1a
    Affected: 17.12.1
    Affected: 17.12.1w
    Affected: 17.12.1a
    Affected: 17.12.2
    Affected: 17.12.2a
    Affected: 17.13.1
    Affected: 17.13.1a
    Affected: 17.11.99SW
    Create a notification for this product.
    Cisco Cisco IOS XE Catalyst SD-WAN Affected: 17.5.1a
    Affected: 17.6.1a
    Affected: 17.6.2
    Affected: 17.6.4
    Affected: 17.7.1a
    Affected: 17.9.1a
    Affected: 17.9.2a
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.8.1a
    Affected: 17.10.1a
    Affected: 17.11.1a
    Affected: 17.12.1a
    Affected: 17.13.1a
    Create a notification for this product.
    cisco ios_xe Affected: 17.1.1
    Affected: 17.1.1a
    Affected: 17.1.1s
    Affected: 17.1.1t
    Affected: 17.1.3
    Affected: 17.2.1
    Affected: 17.2.1r
    Affected: 17.2.1a
    Affected: 17.2.1v
    Affected: 17.2.2
    Affected: 17.2.3
    Affected: 17.3.1
    Affected: 17.3.2
    Affected: 17.3.3
    Affected: 17.3.1a
    Affected: 17.3.1w
    Affected: 17.3.2a
    Affected: 17.3.1x
    Affected: 17.3.1z
    Affected: 17.3.4
    Affected: 17.3.5
    Affected: 17.3.4a
    Affected: 17.3.6
    Affected: 17.3.4b
    Affected: 17.3.4c
    Affected: 17.3.5a
    Affected: 17.3.5b
    Affected: 17.3.7
    Affected: 17.3.8
    Affected: 17.3.8a
    Affected: 17.4.1
    Affected: 17.4.2
    Affected: 17.4.1a
    Affected: 17.4.1b
    Affected: 17.4.2a
    Affected: 17.5.1
    Affected: 17.5.1a
    Affected: 17.6.1
    Affected: 17.6.2
    Affected: 17.6.1w
    Affected: 17.6.1a
    Affected: 17.6.1x
    Affected: 17.6.3
    Affected: 17.6.1y
    Affected: 17.6.1z
    Affected: 17.6.3a
    Affected: 17.6.4
    Affected: 17.6.1z1
    Affected: 17.6.5
    Affected: 17.6.6
    Affected: 17.6.6a
    Affected: 17.6.5a
    Affected: 17.7.1
    Affected: 17.7.1a
    Affected: 17.7.1b
    Affected: 17.7.2
    Affected: 17.10.1
    Affected: 17.10.1a
    Affected: 17.10.1b
    Affected: 17.8.1
    Affected: 17.8.1a
    Affected: 17.9.1
    Affected: 17.9.1w
    Affected: 17.9.2
    Affected: 17.9.1a
    Affected: 17.9.1x
    Affected: 17.9.1y
    Affected: 17.9.3
    Affected: 17.9.2a
    Affected: 17.9.1x1
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.9.1y1
    Affected: 17.9.5
    Affected: 17.9.4a
    Affected: 17.9.5a
    Affected: 17.9.5b
    Affected: 17.11.1
    Affected: 17.11.1a
    Affected: 17.12.1
    Affected: 17.12.1w
    Affected: 17.12.1a
    Affected: 17.12.2
    Affected: 17.12.2a
    Affected: 17.13.1
    Affected: 17.13.1a
    Affected: 17.11.99sw
        cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
    Create a notification for this product.
    cisco ios_xe_catalyst_sd-wan Affected: 17.5.1a
    Affected: 17.6.1a
    Affected: 17.6.2
    Affected: 17.6.4
    Affected: 17.7.1a
    Affected: 17.9.1a
    Affected: 17.9.2a
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.8.1a
    Affected: 17.10.1a
    Affected: 17.11.1a
    Affected: 17.12.1a
    Affected: 17.13.1a
        cpe:2.3:o:cisco:ios_xe_catalyst_sd-wan:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ios_xe",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "17.1.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.1.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.1.1s"
                  },
                  {
                    "status": "affected",
                    "version": "17.1.1t"
                  },
                  {
                    "status": "affected",
                    "version": "17.1.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.1r"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.1v"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1w"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1x"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1z"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.5"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.4a"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.6"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.4b"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.4c"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.5a"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.5b"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.7"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.8"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.8a"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.1b"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.5.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.5.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1w"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1x"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1y"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1z"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.3a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1z1"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.5"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.6"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.6a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.5a"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.1b"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.10.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.10.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.10.1b"
                  },
                  {
                    "status": "affected",
                    "version": "17.8.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.8.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1w"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1x"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1y"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1x1"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.3a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1y1"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.5"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.4a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.5a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.5b"
                  },
                  {
                    "status": "affected",
                    "version": "17.11.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.11.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.1w"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.13.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.13.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.11.99sw"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:cisco:ios_xe_catalyst_sd-wan:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ios_xe_catalyst_sd-wan",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "17.5.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.3a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.8.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.10.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.11.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.13.1a"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20455",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T19:29:31.898015Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T19:47:05.368Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "17.1.1"
                },
                {
                  "status": "affected",
                  "version": "17.1.1a"
                },
                {
                  "status": "affected",
                  "version": "17.1.1s"
                },
                {
                  "status": "affected",
                  "version": "17.1.1t"
                },
                {
                  "status": "affected",
                  "version": "17.1.3"
                },
                {
                  "status": "affected",
                  "version": "17.2.1"
                },
                {
                  "status": "affected",
                  "version": "17.2.1r"
                },
                {
                  "status": "affected",
                  "version": "17.2.1a"
                },
                {
                  "status": "affected",
                  "version": "17.2.1v"
                },
                {
                  "status": "affected",
                  "version": "17.2.2"
                },
                {
                  "status": "affected",
                  "version": "17.2.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.1"
                },
                {
                  "status": "affected",
                  "version": "17.3.2"
                },
                {
                  "status": "affected",
                  "version": "17.3.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.1a"
                },
                {
                  "status": "affected",
                  "version": "17.3.1w"
                },
                {
                  "status": "affected",
                  "version": "17.3.2a"
                },
                {
                  "status": "affected",
                  "version": "17.3.1x"
                },
                {
                  "status": "affected",
                  "version": "17.3.1z"
                },
                {
                  "status": "affected",
                  "version": "17.3.4"
                },
                {
                  "status": "affected",
                  "version": "17.3.5"
                },
                {
                  "status": "affected",
                  "version": "17.3.4a"
                },
                {
                  "status": "affected",
                  "version": "17.3.6"
                },
                {
                  "status": "affected",
                  "version": "17.3.4b"
                },
                {
                  "status": "affected",
                  "version": "17.3.4c"
                },
                {
                  "status": "affected",
                  "version": "17.3.5a"
                },
                {
                  "status": "affected",
                  "version": "17.3.5b"
                },
                {
                  "status": "affected",
                  "version": "17.3.7"
                },
                {
                  "status": "affected",
                  "version": "17.3.8"
                },
                {
                  "status": "affected",
                  "version": "17.3.8a"
                },
                {
                  "status": "affected",
                  "version": "17.4.1"
                },
                {
                  "status": "affected",
                  "version": "17.4.2"
                },
                {
                  "status": "affected",
                  "version": "17.4.1a"
                },
                {
                  "status": "affected",
                  "version": "17.4.1b"
                },
                {
                  "status": "affected",
                  "version": "17.4.2a"
                },
                {
                  "status": "affected",
                  "version": "17.5.1"
                },
                {
                  "status": "affected",
                  "version": "17.5.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1"
                },
                {
                  "status": "affected",
                  "version": "17.6.2"
                },
                {
                  "status": "affected",
                  "version": "17.6.1w"
                },
                {
                  "status": "affected",
                  "version": "17.6.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1x"
                },
                {
                  "status": "affected",
                  "version": "17.6.3"
                },
                {
                  "status": "affected",
                  "version": "17.6.1y"
                },
                {
                  "status": "affected",
                  "version": "17.6.1z"
                },
                {
                  "status": "affected",
                  "version": "17.6.3a"
                },
                {
                  "status": "affected",
                  "version": "17.6.4"
                },
                {
                  "status": "affected",
                  "version": "17.6.1z1"
                },
                {
                  "status": "affected",
                  "version": "17.6.5"
                },
                {
                  "status": "affected",
                  "version": "17.6.6"
                },
                {
                  "status": "affected",
                  "version": "17.6.6a"
                },
                {
                  "status": "affected",
                  "version": "17.6.5a"
                },
                {
                  "status": "affected",
                  "version": "17.7.1"
                },
                {
                  "status": "affected",
                  "version": "17.7.1a"
                },
                {
                  "status": "affected",
                  "version": "17.7.1b"
                },
                {
                  "status": "affected",
                  "version": "17.7.2"
                },
                {
                  "status": "affected",
                  "version": "17.10.1"
                },
                {
                  "status": "affected",
                  "version": "17.10.1a"
                },
                {
                  "status": "affected",
                  "version": "17.10.1b"
                },
                {
                  "status": "affected",
                  "version": "17.8.1"
                },
                {
                  "status": "affected",
                  "version": "17.8.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1"
                },
                {
                  "status": "affected",
                  "version": "17.9.1w"
                },
                {
                  "status": "affected",
                  "version": "17.9.2"
                },
                {
                  "status": "affected",
                  "version": "17.9.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1x"
                },
                {
                  "status": "affected",
                  "version": "17.9.1y"
                },
                {
                  "status": "affected",
                  "version": "17.9.3"
                },
                {
                  "status": "affected",
                  "version": "17.9.2a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1x1"
                },
                {
                  "status": "affected",
                  "version": "17.9.3a"
                },
                {
                  "status": "affected",
                  "version": "17.9.4"
                },
                {
                  "status": "affected",
                  "version": "17.9.1y1"
                },
                {
                  "status": "affected",
                  "version": "17.9.5"
                },
                {
                  "status": "affected",
                  "version": "17.9.4a"
                },
                {
                  "status": "affected",
                  "version": "17.9.5a"
                },
                {
                  "status": "affected",
                  "version": "17.9.5b"
                },
                {
                  "status": "affected",
                  "version": "17.11.1"
                },
                {
                  "status": "affected",
                  "version": "17.11.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1"
                },
                {
                  "status": "affected",
                  "version": "17.12.1w"
                },
                {
                  "status": "affected",
                  "version": "17.12.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.2"
                },
                {
                  "status": "affected",
                  "version": "17.12.2a"
                },
                {
                  "status": "affected",
                  "version": "17.13.1"
                },
                {
                  "status": "affected",
                  "version": "17.13.1a"
                },
                {
                  "status": "affected",
                  "version": "17.11.99SW"
                }
              ]
            },
            {
              "product": "Cisco IOS XE Catalyst SD-WAN",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "17.5.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.2"
                },
                {
                  "status": "affected",
                  "version": "17.6.4"
                },
                {
                  "status": "affected",
                  "version": "17.7.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.2a"
                },
                {
                  "status": "affected",
                  "version": "17.9.3a"
                },
                {
                  "status": "affected",
                  "version": "17.9.4"
                },
                {
                  "status": "affected",
                  "version": "17.8.1a"
                },
                {
                  "status": "affected",
                  "version": "17.10.1a"
                },
                {
                  "status": "affected",
                  "version": "17.11.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1a"
                },
                {
                  "status": "affected",
                  "version": "17.13.1a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\n\r Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-371",
                  "description": "State Issues",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-25T16:27:24.944Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-sdwan-utd-dos-hDATqxs",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sdwan-utd-dos-hDATqxs",
            "defects": [
              "CSCwi07137"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20455",
        "datePublished": "2024-09-25T16:18:50.066Z",
        "dateReserved": "2023-11-08T15:08:07.679Z",
        "dateUpdated": "2024-09-25T19:47:05.368Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20035 (GCVE-0-2023-20035)

    Vulnerability from nvd – Published: 2023-03-23 00:00 – Updated: 2024-10-28 16:32
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2023-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.562Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20230322 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20035",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-28T16:19:23.522101Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-28T16:32:57.941Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2023-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-146",
                  "description": "CWE-146",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-23T00:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20230322 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ios-xe-sdwan-VQAhEjYw",
            "defect": [
              [
                "CSCvx72976",
                "CSCwc41942"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20035",
        "datePublished": "2023-03-23T00:00:00.000Z",
        "dateReserved": "2022-10-27T00:00:00.000Z",
        "dateUpdated": "2024-10-28T16:32:57.941Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20850 (GCVE-0-2022-20850)

    Vulnerability from nvd – Published: 2022-09-30 18:46 – Updated: 2024-11-01 18:50
    VLAI
    Title
    Cisco SD-WAN Arbitrary File Deletion Vulnerability
    Summary
    A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2022-09-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:24:50.267Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20850",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-01T18:40:31.320155Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-01T18:50:42.028Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco SD-WAN Solution",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2022-09-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-30T18:46:05.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-arb-file-delete-VB2rVcQv",
            "defect": [
              [
                "CSCvm25943"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco SD-WAN Arbitrary File Deletion Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2022-09-28T16:00:00",
              "ID": "CVE-2022-20850",
              "STATE": "PUBLIC",
              "TITLE": "Cisco SD-WAN Arbitrary File Deletion Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco SD-WAN Solution",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.5",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-arb-file-delete-VB2rVcQv",
              "defect": [
                [
                  "CSCvm25943"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20850",
        "datePublished": "2022-09-30T18:46:05.246Z",
        "dateReserved": "2021-11-02T00:00:00.000Z",
        "dateUpdated": "2024-11-01T18:50:42.028Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1529 (GCVE-0-2021-1529)

    Vulnerability from nvd – Published: 2021-10-21 02:45 – Updated: 2024-11-07 21:47
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-10-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.673Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1529",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:42:50.706618Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:47:38.698Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-10-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-21T02:45:10.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sd-wan-rhpbE34A",
            "defect": [
              [
                "CSCvx50713"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-10-20T16:00:00",
              "ID": "CVE-2021-1529",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "7.8",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-78"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-sd-wan-rhpbE34A",
              "defect": [
                [
                  "CSCvx50713"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1529",
        "datePublished": "2021-10-21T02:45:10.183Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:47:38.698Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34729 (GCVE-0-2021-34729)

    Vulnerability from nvd – Published: 2021-09-23 02:26 – Updated: 2024-11-07 21:58
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:48.140Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-34729",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:43:01.874543Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:58:26.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:26:36.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ioxesdwan-clicmdinj-7bYX5k3",
            "defect": [
              [
                "CSCvw54120"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-34729",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.7",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-ioxesdwan-clicmdinj-7bYX5k3",
              "defect": [
                [
                  "CSCvw54120"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-34729",
        "datePublished": "2021-09-23T02:26:36.609Z",
        "dateReserved": "2021-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:58:26.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34727 (GCVE-0-2021-34727)

    Vulnerability from nvd – Published: 2021-09-23 02:26 – Updated: 2024-11-07 21:58
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability
    Summary
    A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:48.130Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-34727",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:55:54.920129Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:58:32.363Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:26:30.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
            }
          ],
          "source": {
            "advisory": "cisco-sa-iosxesdwan-rbuffover-vE2OB6tp",
            "defect": [
              [
                "CSCvt49022"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-34727",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "9.8",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-120"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-iosxesdwan-rbuffover-vE2OB6tp",
              "defect": [
                [
                  "CSCvt49022"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-34727",
        "datePublished": "2021-09-23T02:26:30.919Z",
        "dateReserved": "2021-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:58:32.363Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34725 (GCVE-0-2021-34725)

    Vulnerability from nvd – Published: 2021-09-23 02:26 – Updated: 2024-11-07 21:58
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:48.128Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-34725",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:43:04.850695Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:58:45.239Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:26:19.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sdwan-maapi-privesc-KSUg7QSS",
            "defect": [
              [
                "CSCvu26766"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-34725",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.7",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-sdwan-maapi-privesc-KSUg7QSS",
              "defect": [
                [
                  "CSCvu26766"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-34725",
        "datePublished": "2021-09-23T02:26:19.249Z",
        "dateReserved": "2021-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:58:45.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34724 (GCVE-0-2021-34724)

    Vulnerability from nvd – Published: 2021-09-23 02:26 – Updated: 2024-11-07 21:58
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability
    Summary
    A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:48.119Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-34724",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:43:06.198044Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:58:53.498Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:26:13.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-iosxesdwan-privesc-VP4FG3jD",
            "defect": [
              [
                "CSCvw54117"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-34724",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.0",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-284"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-iosxesdwan-privesc-VP4FG3jD",
              "defect": [
                [
                  "CSCvw54117"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-34724",
        "datePublished": "2021-09-23T02:26:14.010Z",
        "dateReserved": "2021-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:58:53.498Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1619 (GCVE-0-2021-1619)

    Vulnerability from nvd – Published: 2021-09-23 02:30 – Updated: 2024-11-07 21:57
    VLAI
    Title
    Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability
    Summary
    A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:18:11.250Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1619",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:55:52.696954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:57:46.001Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-824",
                  "description": "CWE-824",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:30:55.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
            }
          ],
          "source": {
            "advisory": "cisco-sa-aaa-Yx47ZT8Q",
            "defect": [
              [
                "CSCvt53563"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-1619",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "9.8",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-824"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-aaa-Yx47ZT8Q",
              "defect": [
                [
                  "CSCvt53563"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1619",
        "datePublished": "2021-09-23T02:30:56.078Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:57:46.001Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1371 (GCVE-0-2021-1371)

    Vulnerability from nvd – Published: 2021-03-24 20:15 – Updated: 2024-11-08 23:31
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability
    Summary
    A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-03-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.024Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1371",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:19:29.781002Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-08T23:31:47.381Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-03-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-03-24T20:15:51.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sdwan-esc-rSNVvTf9",
            "defect": [
              [
                "CSCvv43400"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-03-24T16:00:00",
              "ID": "CVE-2021-1371",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.6",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-269"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-sdwan-esc-rSNVvTf9",
              "defect": [
                [
                  "CSCvv43400"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1371",
        "datePublished": "2021-03-24T20:15:51.816Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-08T23:31:47.381Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1454 (GCVE-0-2021-1454)

    Vulnerability from nvd – Published: 2021-03-24 20:06 – Updated: 2024-11-08 23:34
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities
    Summary
    Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-03-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.235Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1454",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:19:47.157767Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-08T23:34:12.372Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-03-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-03-24T20:06:45.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
            }
          ],
          "source": {
            "advisory": "cisco-sa-xesdwpinj-V4weeqzU",
            "defect": [
              [
                "CSCvk59304",
                "CSCvw64834"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-03-24T16:00:00",
              "ID": "CVE-2021-1454",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.0",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-xesdwpinj-V4weeqzU",
              "defect": [
                [
                  "CSCvk59304",
                  "CSCvw64834"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1454",
        "datePublished": "2021-03-24T20:06:45.916Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-08T23:34:12.372Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1432 (GCVE-0-2021-1432)

    Vulnerability from nvd – Published: 2021-03-24 20:05 – Updated: 2024-11-08 23:36
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-03-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.238Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210324 Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1432",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:20:38.778001Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-08T23:36:27.759Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-03-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-03-24T20:05:21.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210324 Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3"
            }
          ],
          "source": {
            "advisory": "cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3",
            "defect": [
              [
                "CSCvu50633"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-03-24T16:00:00",
              "ID": "CVE-2021-1432",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are then executed on the device by the root user. A successful exploit could allow the attacker to execute arbitrary commands as the root user."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "7.3",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210324 Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3",
              "defect": [
                [
                  "CSCvu50633"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1432",
        "datePublished": "2021-03-24T20:05:22.021Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-08T23:36:27.759Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1383 (GCVE-0-2021-1383)

    Vulnerability from nvd – Published: 2021-03-24 20:07 – Updated: 2024-11-08 17:53
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities
    Summary
    Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2021-03-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:16.884Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1383",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T17:53:18.298543Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-08T17:53:28.997Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-03-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-22T16:14:02.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
            }
          ],
          "source": {
            "advisory": "cisco-sa-xesdwpinj-V4weeqzU",
            "defect": [
              [
                "CSCvk59304",
                "CSCvw64834"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-03-24T16:00:00",
              "ID": "CVE-2021-1383",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.0",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
                },
                {
                  "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r",
                  "refsource": "MISC",
                  "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-xesdwpinj-V4weeqzU",
              "defect": [
                [
                  "CSCvk59304",
                  "CSCvw64834"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1383",
        "datePublished": "2021-03-24T20:07:41.020Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-08T17:53:28.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20352 (GCVE-0-2025-20352)

    Vulnerability from cvelistv5 – Published: 2025-09-24 17:10 – Updated: 2026-02-26 17:48
    VLAI CISA KEVIntel
    Summary
    A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system. Note: This vulnerability affects all versions of SNMP.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Cisco IOS Affected: 12.2(55)SE
    Affected: 12.2(55)SE3
    Affected: 12.2(55)SE2
    Affected: 12.2(58)SE
    Affected: 12.2(55)SE1
    Affected: 12.2(58)SE1
    Affected: 12.2(55)SE4
    Affected: 12.2(58)SE2
    Affected: 12.2(55)SE5
    Affected: 12.2(55)SE6
    Affected: 12.2(55)SE7
    Affected: 12.2(55)SE8
    Affected: 12.2(55)SE9
    Affected: 12.2(55)SE10
    Affected: 12.2(55)SE11
    Affected: 12.2(55)SE12
    Affected: 12.2(55)SE13
    Affected: 12.2(58)EZ
    Affected: 12.2(53)EZ
    Affected: 12.2(55)EZ
    Affected: 12.2(60)EZ
    Affected: 12.2(60)EZ1
    Affected: 12.2(60)EZ2
    Affected: 12.2(60)EZ3
    Affected: 12.2(60)EZ4
    Affected: 12.2(60)EZ5
    Affected: 12.2(60)EZ6
    Affected: 12.2(60)EZ7
    Affected: 12.2(60)EZ8
    Affected: 12.2(60)EZ9
    Affected: 12.2(60)EZ10
    Affected: 12.2(60)EZ11
    Affected: 12.2(60)EZ12
    Affected: 12.2(60)EZ13
    Affected: 12.2(60)EZ14
    Affected: 12.2(60)EZ15
    Affected: 12.2(33)SXI2
    Affected: 12.2(33)SXI3
    Affected: 12.2(33)SXI5
    Affected: 12.2(33)SXI4a
    Affected: 12.2(33)SXI4
    Affected: 12.2(33)SXI2a
    Affected: 12.2(33)SXI
    Affected: 12.2(33)SXI6
    Affected: 12.2(33)SXI7
    Affected: 12.2(33)SXI1
    Affected: 12.2(33)SXI8
    Affected: 12.2(33)SXI9
    Affected: 12.2(33)SXI8a
    Affected: 12.2(33)SXI10
    Affected: 12.2(33)SXI11
    Affected: 12.2(33)SXI12
    Affected: 12.2(33)SXI13
    Affected: 12.2(33)SXI14
    Affected: 12.2(50)SQ2
    Affected: 12.2(50)SQ1
    Affected: 12.2(50)SQ
    Affected: 12.2(50)SQ3
    Affected: 12.2(50)SQ4
    Affected: 12.2(50)SQ5
    Affected: 12.2(50)SQ6
    Affected: 12.2(50)SQ7
    Affected: 15.3(1)T
    Affected: 15.3(2)T
    Affected: 15.3(1)T1
    Affected: 15.3(1)T2
    Affected: 15.3(1)T3
    Affected: 15.3(1)T4
    Affected: 15.3(2)T1
    Affected: 15.3(2)T2
    Affected: 15.3(2)T3
    Affected: 15.3(2)T4
    Affected: 15.0(1)EY
    Affected: 15.0(1)EY1
    Affected: 15.0(1)EY2
    Affected: 15.0(2)EY
    Affected: 15.0(2)EY1
    Affected: 15.0(2)EY2
    Affected: 15.0(2)EY3
    Affected: 15.0(1)SE
    Affected: 15.0(2)SE
    Affected: 15.0(1)SE1
    Affected: 15.0(1)SE2
    Affected: 15.0(1)SE3
    Affected: 15.0(2)SE1
    Affected: 15.0(2)SE2
    Affected: 15.0(2)SE3
    Affected: 15.0(2)SE4
    Affected: 15.0(2)SE5
    Affected: 15.0(2)SE6
    Affected: 15.0(2)SE7
    Affected: 15.0(2)SE8
    Affected: 15.0(2)SE9
    Affected: 15.0(2)SE10
    Affected: 15.0(2)SE11
    Affected: 15.0(2)SE10a
    Affected: 15.0(2)SE12
    Affected: 15.0(2)SE13
    Affected: 15.0(1)SY
    Affected: 15.0(1)SY1
    Affected: 15.0(1)SY2
    Affected: 15.0(1)SY3
    Affected: 15.0(1)SY4
    Affected: 15.0(1)SY5
    Affected: 15.0(1)SY6
    Affected: 15.0(1)SY7
    Affected: 15.0(1)SY8
    Affected: 15.0(1)SY7a
    Affected: 15.0(1)SY9
    Affected: 15.0(1)SY10
    Affected: 12.2(33)SXJ
    Affected: 12.2(33)SXJ1
    Affected: 12.2(33)SXJ2
    Affected: 12.2(33)SXJ3
    Affected: 12.2(33)SXJ4
    Affected: 12.2(33)SXJ5
    Affected: 12.2(33)SXJ6
    Affected: 12.2(33)SXJ7
    Affected: 12.2(33)SXJ8
    Affected: 12.2(33)SXJ9
    Affected: 12.2(33)SXJ10
    Affected: 15.1(1)SG
    Affected: 15.1(2)SG
    Affected: 15.1(1)SG1
    Affected: 15.1(1)SG2
    Affected: 15.1(2)SG1
    Affected: 15.1(2)SG2
    Affected: 15.1(2)SG3
    Affected: 15.1(2)SG4
    Affected: 15.1(2)SG5
    Affected: 15.1(2)SG6
    Affected: 15.1(2)SG7
    Affected: 15.1(2)SG8
    Affected: 15.2(4)M
    Affected: 15.2(4)M1
    Affected: 15.2(4)M2
    Affected: 15.2(4)M4
    Affected: 15.2(4)M3
    Affected: 15.2(4)M5
    Affected: 15.2(4)M8
    Affected: 15.2(4)M10
    Affected: 15.2(4)M7
    Affected: 15.2(4)M6
    Affected: 15.2(4)M9
    Affected: 15.2(4)M6a
    Affected: 15.2(4)M11
    Affected: 15.0(2)SG
    Affected: 15.0(2)SG1
    Affected: 15.0(2)SG2
    Affected: 15.0(2)SG3
    Affected: 15.0(2)SG4
    Affected: 15.0(2)SG5
    Affected: 15.0(2)SG6
    Affected: 15.0(2)SG7
    Affected: 15.0(2)SG8
    Affected: 15.0(2)SG9
    Affected: 15.0(2)SG10
    Affected: 15.0(2)SG11
    Affected: 15.2(2)GC
    Affected: 15.2(3)GC
    Affected: 15.2(3)GC1
    Affected: 15.2(4)GC
    Affected: 15.2(4)GC1
    Affected: 15.2(4)GC2
    Affected: 15.2(4)GC3
    Affected: 15.1(1)SY
    Affected: 15.1(1)SY1
    Affected: 15.1(2)SY
    Affected: 15.1(2)SY1
    Affected: 15.1(2)SY2
    Affected: 15.1(1)SY2
    Affected: 15.1(1)SY3
    Affected: 15.1(2)SY3
    Affected: 15.1(1)SY4
    Affected: 15.1(2)SY4
    Affected: 15.1(1)SY5
    Affected: 15.1(2)SY5
    Affected: 15.1(2)SY4a
    Affected: 15.1(1)SY6
    Affected: 15.1(2)SY6
    Affected: 15.1(2)SY7
    Affected: 15.1(2)SY8
    Affected: 15.1(2)SY9
    Affected: 15.1(2)SY10
    Affected: 15.1(2)SY11
    Affected: 15.1(2)SY12
    Affected: 15.1(2)SY13
    Affected: 15.1(2)SY14
    Affected: 15.1(2)SY15
    Affected: 15.1(2)SY16
    Affected: 15.4(1)T
    Affected: 15.4(2)T
    Affected: 15.4(1)T2
    Affected: 15.4(1)T1
    Affected: 15.4(1)T3
    Affected: 15.4(2)T1
    Affected: 15.4(2)T3
    Affected: 15.4(2)T2
    Affected: 15.4(1)T4
    Affected: 15.4(2)T4
    Affected: 15.0(2)EA
    Affected: 15.0(2)EA1
    Affected: 15.2(1)E
    Affected: 15.2(2)E
    Affected: 15.2(1)E1
    Affected: 15.2(3)E
    Affected: 15.2(1)E2
    Affected: 15.2(1)E3
    Affected: 15.2(2)E1
    Affected: 15.2(4)E
    Affected: 15.2(3)E1
    Affected: 15.2(2)E2
    Affected: 15.2(2a)E1
    Affected: 15.2(2)E3
    Affected: 15.2(2a)E2
    Affected: 15.2(3)E2
    Affected: 15.2(3a)E
    Affected: 15.2(3)E3
    Affected: 15.2(4)E1
    Affected: 15.2(2)E4
    Affected: 15.2(2)E5
    Affected: 15.2(4)E2
    Affected: 15.2(3)E4
    Affected: 15.2(5)E
    Affected: 15.2(4)E3
    Affected: 15.2(2)E6
    Affected: 15.2(5a)E
    Affected: 15.2(5)E1
    Affected: 15.2(5b)E
    Affected: 15.2(2)E5a
    Affected: 15.2(5c)E
    Affected: 15.2(2)E5b
    Affected: 15.2(5a)E1
    Affected: 15.2(4)E4
    Affected: 15.2(2)E7
    Affected: 15.2(5)E2
    Affected: 15.2(6)E
    Affected: 15.2(4)E5
    Affected: 15.2(5)E2c
    Affected: 15.2(2)E8
    Affected: 15.2(6)E0a
    Affected: 15.2(6)E1
    Affected: 15.2(6)E0c
    Affected: 15.2(4)E6
    Affected: 15.2(6)E2
    Affected: 15.2(2)E9
    Affected: 15.2(4)E7
    Affected: 15.2(7)E
    Affected: 15.2(2)E10
    Affected: 15.2(4)E8
    Affected: 15.2(6)E2a
    Affected: 15.2(6)E2b
    Affected: 15.2(7)E1
    Affected: 15.2(7)E0a
    Affected: 15.2(7)E0b
    Affected: 15.2(7)E0s
    Affected: 15.2(6)E3
    Affected: 15.2(4)E9
    Affected: 15.2(7)E2
    Affected: 15.2(7a)E0b
    Affected: 15.2(4)E10
    Affected: 15.2(7)E3
    Affected: 15.2(7)E1a
    Affected: 15.2(7b)E0b
    Affected: 15.2(7)E2a
    Affected: 15.2(4)E10a
    Affected: 15.2(7)E4
    Affected: 15.2(7)E3k
    Affected: 15.2(8)E
    Affected: 15.2(8)E1
    Affected: 15.2(7)E5
    Affected: 15.2(7)E6
    Affected: 15.2(8)E2
    Affected: 15.2(4)E10d
    Affected: 15.2(7)E7
    Affected: 15.2(8)E3
    Affected: 15.2(7)E8
    Affected: 15.2(8)E4
    Affected: 15.2(7)E9
    Affected: 15.2(8)E5
    Affected: 15.2(8)E6
    Affected: 15.2(7)E10
    Affected: 15.2(7)E11
    Affected: 15.2(8)E7
    Affected: 15.2(7)E12
    Affected: 15.2(2)JB
    Affected: 15.2(2)JB2
    Affected: 15.2(4)JB
    Affected: 15.2(2)JB3
    Affected: 15.2(4)JB1
    Affected: 15.2(4)JB2
    Affected: 15.2(4)JB3
    Affected: 15.2(4)JB3a
    Affected: 15.2(2)JB4
    Affected: 15.2(4)JB4
    Affected: 15.2(4)JB3h
    Affected: 15.2(4)JB3b
    Affected: 15.2(4)JB5
    Affected: 15.2(4)JB6
    Affected: 15.2(2)JB5
    Affected: 15.2(2)JB6
    Affected: 15.2(2)JAX
    Affected: 15.3(3)M
    Affected: 15.3(3)M1
    Affected: 15.3(3)M2
    Affected: 15.3(3)M3
    Affected: 15.3(3)M5
    Affected: 15.3(3)M4
    Affected: 15.3(3)M6
    Affected: 15.3(3)M7
    Affected: 15.3(3)M8
    Affected: 15.3(3)M9
    Affected: 15.3(3)M10
    Affected: 15.3(3)M8a
    Affected: 15.2(4)JN
    Affected: 15.2(1)EY
    Affected: 15.0(2)EJ
    Affected: 15.0(2)EJ1
    Affected: 15.2(1)SY
    Affected: 15.2(1)SY1
    Affected: 15.2(1)SY0a
    Affected: 15.2(1)SY2
    Affected: 15.2(2)SY
    Affected: 15.2(1)SY1a
    Affected: 15.2(2)SY1
    Affected: 15.2(2)SY2
    Affected: 15.2(1)SY3
    Affected: 15.2(1)SY4
    Affected: 15.2(2)SY3
    Affected: 15.2(1)SY5
    Affected: 15.2(1)SY6
    Affected: 15.2(1)SY7
    Affected: 15.2(1)SY8
    Affected: 15.2(5)EX
    Affected: 15.0(2)EK
    Affected: 15.0(2)EK1
    Affected: 15.4(1)CG
    Affected: 15.4(1)CG1
    Affected: 15.4(2)CG
    Affected: 15.5(1)S
    Affected: 15.5(2)S
    Affected: 15.5(1)S1
    Affected: 15.5(3)S
    Affected: 15.5(1)S2
    Affected: 15.5(1)S3
    Affected: 15.5(2)S1
    Affected: 15.5(2)S2
    Affected: 15.5(3)S1
    Affected: 15.5(3)S1a
    Affected: 15.5(2)S3
    Affected: 15.5(3)S2
    Affected: 15.5(3)S0a
    Affected: 15.5(3)S3
    Affected: 15.5(1)S4
    Affected: 15.5(2)S4
    Affected: 15.5(3)S4
    Affected: 15.5(3)S5
    Affected: 15.5(3)S6
    Affected: 15.5(3)S6a
    Affected: 15.5(3)S7
    Affected: 15.5(3)S6b
    Affected: 15.5(3)S8
    Affected: 15.5(3)S9
    Affected: 15.5(3)S10
    Affected: 15.5(3)S9a
    Affected: 15.5(1)T
    Affected: 15.5(1)T1
    Affected: 15.5(2)T
    Affected: 15.5(1)T2
    Affected: 15.5(1)T3
    Affected: 15.5(2)T1
    Affected: 15.5(2)T2
    Affected: 15.5(2)T3
    Affected: 15.5(2)T4
    Affected: 15.5(1)T4
    Affected: 15.2(2)EA
    Affected: 15.2(2)EA1
    Affected: 15.2(2)EA2
    Affected: 15.2(3)EA
    Affected: 15.2(4)EA
    Affected: 15.2(4)EA1
    Affected: 15.2(2)EA3
    Affected: 15.2(4)EA3
    Affected: 15.2(5)EA
    Affected: 15.2(4)EA4
    Affected: 15.2(4)EA5
    Affected: 15.2(4)EA6
    Affected: 15.2(4)EA7
    Affected: 15.2(4)EA8
    Affected: 15.2(4)EA9
    Affected: 15.2(4)EA9a
    Affected: 15.3(3)JN3
    Affected: 15.3(3)JN4
    Affected: 15.3(3)JN7
    Affected: 15.3(3)JN8
    Affected: 15.3(3)JN9
    Affected: 15.5(3)M
    Affected: 15.5(3)M1
    Affected: 15.5(3)M0a
    Affected: 15.5(3)M2
    Affected: 15.5(3)M3
    Affected: 15.5(3)M4
    Affected: 15.5(3)M4a
    Affected: 15.5(3)M5
    Affected: 15.5(3)M6
    Affected: 15.5(3)M7
    Affected: 15.5(3)M6a
    Affected: 15.5(3)M8
    Affected: 15.5(3)M9
    Affected: 15.5(3)M10
    Affected: 15.3(3)JA1m
    Affected: 15.3(3)JA1
    Affected: 15.3(3)JA4
    Affected: 15.3(3)JA5
    Affected: 15.3(3)JA6
    Affected: 15.3(3)JA7
    Affected: 15.3(3)JA8
    Affected: 15.3(3)JA10
    Affected: 15.3(3)JA11
    Affected: 15.3(3)JA12
    Affected: 15.3(3)JAA
    Affected: 15.3(3)JAA11
    Affected: 15.3(3)JAA12
    Affected: 15.3(3)JAB
    Affected: 15.3(3)JB
    Affected: 15.5(3)SN
    Affected: 15.0(2)SQD
    Affected: 15.0(2)SQD1
    Affected: 15.0(2)SQD2
    Affected: 15.0(2)SQD3
    Affected: 15.0(2)SQD4
    Affected: 15.0(2)SQD5
    Affected: 15.0(2)SQD6
    Affected: 15.0(2)SQD7
    Affected: 15.0(2)SQD8
    Affected: 15.6(1)S
    Affected: 15.6(2)S
    Affected: 15.6(2)S1
    Affected: 15.6(1)S1
    Affected: 15.6(1)S2
    Affected: 15.6(2)S2
    Affected: 15.6(1)S3
    Affected: 15.6(2)S3
    Affected: 15.6(1)S4
    Affected: 15.6(2)S4
    Affected: 15.6(1)T
    Affected: 15.6(2)T
    Affected: 15.6(1)T0a
    Affected: 15.6(1)T1
    Affected: 15.6(2)T1
    Affected: 15.6(1)T2
    Affected: 15.6(2)T2
    Affected: 15.6(1)T3
    Affected: 15.6(2)T3
    Affected: 15.3(3)JNB
    Affected: 15.3(3)JNB1
    Affected: 15.3(3)JNB2
    Affected: 15.3(3)JNB3
    Affected: 15.3(3)JNB4
    Affected: 15.3(3)JNB6
    Affected: 15.3(3)JNB5
    Affected: 15.3(3)JAX
    Affected: 15.3(3)JAX1
    Affected: 15.3(3)JAX2
    Affected: 15.3(3)JBB
    Affected: 15.3(3)JBB1
    Affected: 15.3(3)JBB2
    Affected: 15.3(3)JBB4
    Affected: 15.3(3)JBB5
    Affected: 15.3(3)JBB6
    Affected: 15.3(3)JBB8
    Affected: 15.3(3)JBB6a
    Affected: 15.3(3)JC
    Affected: 15.3(3)JC1
    Affected: 15.3(3)JC2
    Affected: 15.3(3)JC3
    Affected: 15.3(3)JC4
    Affected: 15.3(3)JC5
    Affected: 15.3(3)JC6
    Affected: 15.3(3)JC8
    Affected: 15.3(3)JC9
    Affected: 15.3(3)JC14
    Affected: 15.3(1)SY
    Affected: 15.3(1)SY1
    Affected: 15.3(1)SY2
    Affected: 15.3(3)JNC
    Affected: 15.3(3)JNC1
    Affected: 15.3(3)JNC4
    Affected: 15.3(3)JNP
    Affected: 15.3(3)JNP1
    Affected: 15.3(3)JNP3
    Affected: 15.6(2)SP
    Affected: 15.6(2)SP1
    Affected: 15.6(2)SP2
    Affected: 15.6(2)SP3
    Affected: 15.6(2)SP4
    Affected: 15.6(2)SP5
    Affected: 15.6(2)SP6
    Affected: 15.6(2)SP7
    Affected: 15.6(2)SP8
    Affected: 15.6(2)SP9
    Affected: 15.6(2)SN
    Affected: 15.3(3)JPB
    Affected: 15.3(3)JPB1
    Affected: 15.3(3)JD
    Affected: 15.3(3)JD2
    Affected: 15.3(3)JD3
    Affected: 15.3(3)JD4
    Affected: 15.3(3)JD5
    Affected: 15.3(3)JD6
    Affected: 15.3(3)JD7
    Affected: 15.3(3)JD8
    Affected: 15.3(3)JD9
    Affected: 15.3(3)JD11
    Affected: 15.3(3)JD13
    Affected: 15.3(3)JD14
    Affected: 15.3(3)JD16
    Affected: 15.3(3)JD17
    Affected: 15.6(3)M
    Affected: 15.6(3)M1
    Affected: 15.6(3)M0a
    Affected: 15.6(3)M1b
    Affected: 15.6(3)M2
    Affected: 15.6(3)M2a
    Affected: 15.6(3)M3
    Affected: 15.6(3)M3a
    Affected: 15.6(3)M4
    Affected: 15.6(3)M5
    Affected: 15.6(3)M6
    Affected: 15.6(3)M7
    Affected: 15.6(3)M6a
    Affected: 15.6(3)M6b
    Affected: 15.6(3)M8
    Affected: 15.6(3)M9
    Affected: 15.2(4)EC1
    Affected: 15.2(4)EC2
    Affected: 15.3(3)JPC
    Affected: 15.3(3)JPC1
    Affected: 15.3(3)JPC2
    Affected: 15.3(3)JPC3
    Affected: 15.3(3)JPC5
    Affected: 15.3(3)JND
    Affected: 15.3(3)JND1
    Affected: 15.3(3)JND2
    Affected: 15.3(3)JND3
    Affected: 15.4(1)SY
    Affected: 15.4(1)SY1
    Affected: 15.4(1)SY2
    Affected: 15.4(1)SY3
    Affected: 15.4(1)SY4
    Affected: 15.3(3)JE
    Affected: 15.3(3)JPD
    Affected: 15.3(3)JDA7
    Affected: 15.3(3)JDA8
    Affected: 15.3(3)JDA9
    Affected: 15.3(3)JDA11
    Affected: 15.3(3)JDA13
    Affected: 15.3(3)JDA14
    Affected: 15.3(3)JDA16
    Affected: 15.3(3)JDA17
    Affected: 15.5(1)SY
    Affected: 15.5(1)SY1
    Affected: 15.5(1)SY2
    Affected: 15.5(1)SY3
    Affected: 15.5(1)SY4
    Affected: 15.5(1)SY5
    Affected: 15.5(1)SY6
    Affected: 15.5(1)SY7
    Affected: 15.5(1)SY8
    Affected: 15.5(1)SY9
    Affected: 15.5(1)SY10
    Affected: 15.5(1)SY11
    Affected: 15.5(1)SY12
    Affected: 15.5(1)SY13
    Affected: 15.5(1)SY14
    Affected: 15.5(1)SY15
    Affected: 15.3(3)JF
    Affected: 15.3(3)JF1
    Affected: 15.3(3)JF2
    Affected: 15.3(3)JF4
    Affected: 15.3(3)JF5
    Affected: 15.3(3)JF6
    Affected: 15.3(3)JF7
    Affected: 15.3(3)JF8
    Affected: 15.3(3)JF9
    Affected: 15.3(3)JF10
    Affected: 15.3(3)JF11
    Affected: 15.3(3)JF12
    Affected: 15.3(3)JF12i
    Affected: 15.3(3)JF14
    Affected: 15.3(3)JF14i
    Affected: 15.3(3)JF15
    Affected: 15.3(3)JCA7
    Affected: 15.3(3)JCA8
    Affected: 15.3(3)JCA9
    Affected: 15.7(3)M
    Affected: 15.7(3)M1
    Affected: 15.7(3)M0a
    Affected: 15.7(3)M3
    Affected: 15.7(3)M2
    Affected: 15.7(3)M4
    Affected: 15.7(3)M5
    Affected: 15.7(3)M4a
    Affected: 15.7(3)M4b
    Affected: 15.7(3)M6
    Affected: 15.7(3)M7
    Affected: 15.7(3)M8
    Affected: 15.7(3)M9
    Affected: 15.3(3)JG
    Affected: 15.3(3)JG1
    Affected: 15.3(3)JH
    Affected: 15.3(3)JH1
    Affected: 15.3(3)JI1
    Affected: 15.3(3)JI3
    Affected: 15.3(3)JI4
    Affected: 15.3(3)JI5
    Affected: 15.3(3)JI6
    Affected: 15.8(3)M
    Affected: 15.8(3)M1
    Affected: 15.8(3)M0a
    Affected: 15.8(3)M0b
    Affected: 15.8(3)M2
    Affected: 15.8(3)M1a
    Affected: 15.8(3)M3
    Affected: 15.8(3)M2a
    Affected: 15.8(3)M4
    Affected: 15.8(3)M3a
    Affected: 15.8(3)M3b
    Affected: 15.8(3)M5
    Affected: 15.8(3)M6
    Affected: 15.8(3)M7
    Affected: 15.8(3)M8
    Affected: 15.8(3)M9
    Affected: 15.9(3)M
    Affected: 15.9(3)M1
    Affected: 15.9(3)M0a
    Affected: 15.9(3)M2
    Affected: 15.9(3)M3
    Affected: 15.9(3)M2a
    Affected: 15.9(3)M3a
    Affected: 15.9(3)M4
    Affected: 15.9(3)M3b
    Affected: 15.9(3)M5
    Affected: 15.9(3)M4a
    Affected: 15.9(3)M6
    Affected: 15.9(3)M7
    Affected: 15.9(3)M6a
    Affected: 15.9(3)M6b
    Affected: 15.9(3)M8
    Affected: 15.9(3)M7a
    Affected: 15.9(3)M9
    Affected: 15.9(3)M8b
    Affected: 15.9(3)M10
    Affected: 15.9(3)M11
    Affected: 15.3(3)JK
    Affected: 15.3(3)JK1
    Affected: 15.3(3)JK2
    Affected: 15.3(3)JK3
    Affected: 15.3(3)JK2a
    Affected: 15.3(3)JK1t
    Affected: 15.3(3)JK4
    Affected: 15.3(3)JK5
    Affected: 15.3(3)JK6
    Affected: 15.3(3)JK7
    Affected: 15.3(3)JK8
    Affected: 15.3(3)JK8a
    Affected: 15.3(3)JK8b
    Affected: 15.3(3)JK9
    Affected: 15.3(3)JK10
    Affected: 15.3(3)JK11
    Affected: 15.3(3)JJ
    Affected: 15.3(3)JJ1
    Affected: 15.3(3)JPI1
    Affected: 15.3(3)JPI4
    Affected: 15.3(3)JPI1t
    Affected: 15.3(3)JPI5
    Affected: 15.3(3)JPI7
    Affected: 15.3(3)JPI6a
    Affected: 15.3(3)JPI8a
    Affected: 15.3(3)JPI9
    Affected: 15.3(3)JPI10
    Affected: 15.3(3)JPJ2
    Affected: 15.3(3)JPJ3
    Affected: 15.3(3)JPJ2t
    Affected: 15.3(3)JPJ3a
    Affected: 15.3(3)JPJ4
    Affected: 15.3(3)JPJ5
    Affected: 15.3(3)JPJ6
    Affected: 15.3(3)JPJ7
    Affected: 15.3(3)JPJ7c
    Affected: 15.3(3)JPJ8a
    Affected: 15.3(3)JPJ9
    Affected: 15.3(3)JPJ10
    Affected: 15.3(3)JPJ11
    Affected: 15.3(3)JPK
    Affected: 15.3(3)JPK1
    Affected: 15.3(3)JPK2
    Affected: 15.3(3)JPK3
    Affected: 15.3(3)JPK4
    Affected: 15.3(3)JPK5
    Affected: 15.3(3)JPK6
    Affected: 15.3(3)JPK7
    Affected: 15.3(3)JPK8
    Affected: 15.3(3)JPK9
    Affected: 15.3(3)JPL
    Affected: 15.3(3)JPM
    Affected: 15.3(3)JPN
    Affected: 15.3(3)JPN1
    Affected: 15.3(3)JPN2
    Affected: 15.3(3)JPN3
    Affected: 15.3(3)JPN4
    Affected: 15.3(3)JPN5
    Affected: 15.3(3)JPN6
    Affected: 15.3(3)JPO
    Affected: 15.3(3)JPP
    Affected: 15.3(3)JPQ
    Affected: 15.3(3)JPQ1
    Affected: 15.3(3)JPQ2
    Affected: 15.3(3)JPQ3
    Affected: 15.3(3)JPQ4
    Affected: 15.3(3)JPQ5
    Affected: 15.3(3)JPR
    Affected: 15.3(3)JPS
    Affected: 15.3(3)JPT
    Affected: 15.3(3)JPT1
    Affected: 15.3(3)JPT2
    Create a notification for this product.
    Cisco Cisco IOS XE Software Affected: 3.5.0E
    Affected: 3.5.1E
    Affected: 3.5.2E
    Affected: 3.5.3E
    Affected: 3.6.0E
    Affected: 3.6.1E
    Affected: 3.6.2aE
    Affected: 3.6.2E
    Affected: 3.6.3E
    Affected: 3.6.4E
    Affected: 3.6.5E
    Affected: 3.6.6E
    Affected: 3.6.5aE
    Affected: 3.6.7E
    Affected: 3.6.8E
    Affected: 3.6.7bE
    Affected: 3.6.9E
    Affected: 3.6.10E
    Affected: 3.14.0S
    Affected: 3.14.1S
    Affected: 3.14.2S
    Affected: 3.14.3S
    Affected: 3.14.4S
    Affected: 3.15.0S
    Affected: 3.15.1S
    Affected: 3.15.2S
    Affected: 3.15.1cS
    Affected: 3.15.3S
    Affected: 3.15.4S
    Affected: 3.7.0E
    Affected: 3.7.1E
    Affected: 3.7.2E
    Affected: 3.7.3E
    Affected: 3.7.4E
    Affected: 3.7.5E
    Affected: 3.5.0SQ
    Affected: 3.5.1SQ
    Affected: 3.5.2SQ
    Affected: 3.5.3SQ
    Affected: 3.5.4SQ
    Affected: 3.5.5SQ
    Affected: 3.5.6SQ
    Affected: 3.5.7SQ
    Affected: 3.5.8SQ
    Affected: 3.16.0S
    Affected: 3.16.1S
    Affected: 3.16.1aS
    Affected: 3.16.2S
    Affected: 3.16.2aS
    Affected: 3.16.0cS
    Affected: 3.16.3S
    Affected: 3.16.2bS
    Affected: 3.16.3aS
    Affected: 3.16.4S
    Affected: 3.16.4aS
    Affected: 3.16.4bS
    Affected: 3.16.5S
    Affected: 3.16.4dS
    Affected: 3.16.6S
    Affected: 3.16.7S
    Affected: 3.16.6bS
    Affected: 3.16.7aS
    Affected: 3.16.7bS
    Affected: 3.16.8S
    Affected: 3.16.9S
    Affected: 3.16.10S
    Affected: 3.17.0S
    Affected: 3.17.1S
    Affected: 3.17.2S
    Affected: 3.17.1aS
    Affected: 3.17.3S
    Affected: 3.17.4S
    Affected: 3.8.0E
    Affected: 3.8.1E
    Affected: 3.8.2E
    Affected: 3.8.3E
    Affected: 3.8.4E
    Affected: 3.8.5E
    Affected: 3.8.5aE
    Affected: 3.8.6E
    Affected: 3.8.7E
    Affected: 3.8.8E
    Affected: 3.8.9E
    Affected: 3.8.10E
    Affected: 3.18.0aS
    Affected: 3.18.0S
    Affected: 3.18.1S
    Affected: 3.18.2S
    Affected: 3.18.3S
    Affected: 3.18.4S
    Affected: 3.18.0SP
    Affected: 3.18.1SP
    Affected: 3.18.1aSP
    Affected: 3.18.1bSP
    Affected: 3.18.1cSP
    Affected: 3.18.2SP
    Affected: 3.18.2aSP
    Affected: 3.18.3SP
    Affected: 3.18.4SP
    Affected: 3.18.3aSP
    Affected: 3.18.3bSP
    Affected: 3.18.5SP
    Affected: 3.18.6SP
    Affected: 3.18.7SP
    Affected: 3.18.8aSP
    Affected: 3.18.9SP
    Affected: 3.9.0E
    Affected: 3.9.1E
    Affected: 3.9.2E
    Affected: 16.6.1
    Affected: 16.6.2
    Affected: 16.6.3
    Affected: 16.6.4
    Affected: 16.6.5
    Affected: 16.6.4a
    Affected: 16.6.5a
    Affected: 16.6.6
    Affected: 16.6.7
    Affected: 16.6.8
    Affected: 16.6.9
    Affected: 16.6.10
    Affected: 16.7.1
    Affected: 16.7.1a
    Affected: 16.7.1b
    Affected: 16.7.2
    Affected: 16.7.3
    Affected: 16.7.4
    Affected: 16.8.1
    Affected: 16.8.1a
    Affected: 16.8.1b
    Affected: 16.8.1s
    Affected: 16.8.1c
    Affected: 16.8.1d
    Affected: 16.8.2
    Affected: 16.8.1e
    Affected: 16.8.3
    Affected: 16.9.1
    Affected: 16.9.2
    Affected: 16.9.1a
    Affected: 16.9.1b
    Affected: 16.9.1s
    Affected: 16.9.3
    Affected: 16.9.4
    Affected: 16.9.3a
    Affected: 16.9.5
    Affected: 16.9.5f
    Affected: 16.9.6
    Affected: 16.9.7
    Affected: 16.9.8
    Affected: 16.10.1
    Affected: 16.10.1a
    Affected: 16.10.1b
    Affected: 16.10.1s
    Affected: 16.10.1c
    Affected: 16.10.1e
    Affected: 16.10.1d
    Affected: 16.10.2
    Affected: 16.10.1f
    Affected: 16.10.1g
    Affected: 16.10.3
    Affected: 3.10.0E
    Affected: 3.10.1E
    Affected: 3.10.0cE
    Affected: 3.10.2E
    Affected: 3.10.3E
    Affected: 16.11.1
    Affected: 16.11.1a
    Affected: 16.11.1b
    Affected: 16.11.2
    Affected: 16.11.1s
    Affected: 16.12.1
    Affected: 16.12.1s
    Affected: 16.12.1a
    Affected: 16.12.1c
    Affected: 16.12.1w
    Affected: 16.12.2
    Affected: 16.12.1y
    Affected: 16.12.2a
    Affected: 16.12.3
    Affected: 16.12.8
    Affected: 16.12.2s
    Affected: 16.12.1x
    Affected: 16.12.1t
    Affected: 16.12.4
    Affected: 16.12.3s
    Affected: 16.12.3a
    Affected: 16.12.4a
    Affected: 16.12.5
    Affected: 16.12.6
    Affected: 16.12.1z1
    Affected: 16.12.5a
    Affected: 16.12.5b
    Affected: 16.12.1z2
    Affected: 16.12.6a
    Affected: 16.12.7
    Affected: 16.12.9
    Affected: 16.12.10
    Affected: 16.12.10a
    Affected: 16.12.11
    Affected: 16.12.12
    Affected: 16.12.13
    Affected: 3.11.0E
    Affected: 3.11.1E
    Affected: 3.11.2E
    Affected: 3.11.3E
    Affected: 3.11.1aE
    Affected: 3.11.4E
    Affected: 3.11.3aE
    Affected: 3.11.5E
    Affected: 3.11.6E
    Affected: 3.11.7E
    Affected: 3.11.8E
    Affected: 3.11.9E
    Affected: 3.11.10E
    Affected: 3.11.11E
    Affected: 3.11.12E
    Affected: 17.1.1
    Affected: 17.1.1a
    Affected: 17.1.1s
    Affected: 17.1.1t
    Affected: 17.1.3
    Affected: 17.2.1
    Affected: 17.2.1r
    Affected: 17.2.1a
    Affected: 17.2.1v
    Affected: 17.2.2
    Affected: 17.2.3
    Affected: 17.3.1
    Affected: 17.3.2
    Affected: 17.3.3
    Affected: 17.3.1a
    Affected: 17.3.1w
    Affected: 17.3.2a
    Affected: 17.3.1x
    Affected: 17.3.1z
    Affected: 17.3.4
    Affected: 17.3.5
    Affected: 17.3.4a
    Affected: 17.3.6
    Affected: 17.3.4b
    Affected: 17.3.4c
    Affected: 17.3.5a
    Affected: 17.3.5b
    Affected: 17.3.7
    Affected: 17.3.8
    Affected: 17.3.8a
    Affected: 17.4.1
    Affected: 17.4.2
    Affected: 17.4.1a
    Affected: 17.4.1b
    Affected: 17.4.2a
    Affected: 17.5.1
    Affected: 17.5.1a
    Affected: 17.6.1
    Affected: 17.6.2
    Affected: 17.6.1w
    Affected: 17.6.1a
    Affected: 17.6.1x
    Affected: 17.6.3
    Affected: 17.6.1y
    Affected: 17.6.1z
    Affected: 17.6.3a
    Affected: 17.6.4
    Affected: 17.6.1z1
    Affected: 17.6.5
    Affected: 17.6.6
    Affected: 17.6.6a
    Affected: 17.6.5a
    Affected: 17.6.7
    Affected: 17.6.8
    Affected: 17.6.8a
    Affected: 17.7.1
    Affected: 17.7.1a
    Affected: 17.7.1b
    Affected: 17.7.2
    Affected: 17.10.1
    Affected: 17.10.1a
    Affected: 17.10.1b
    Affected: 17.8.1
    Affected: 17.8.1a
    Affected: 17.9.1
    Affected: 17.9.1w
    Affected: 17.9.2
    Affected: 17.9.1a
    Affected: 17.9.1x
    Affected: 17.9.1y
    Affected: 17.9.3
    Affected: 17.9.2a
    Affected: 17.9.1x1
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.9.1y1
    Affected: 17.9.5
    Affected: 17.9.4a
    Affected: 17.9.5a
    Affected: 17.9.5b
    Affected: 17.9.6
    Affected: 17.9.6a
    Affected: 17.9.7
    Affected: 17.9.5e
    Affected: 17.9.5f
    Affected: 17.9.7a
    Affected: 17.9.7b
    Affected: 17.11.1
    Affected: 17.11.1a
    Affected: 17.12.1
    Affected: 17.12.1w
    Affected: 17.12.1a
    Affected: 17.12.1x
    Affected: 17.12.2
    Affected: 17.12.3
    Affected: 17.12.2a
    Affected: 17.12.1y
    Affected: 17.12.1z
    Affected: 17.12.4
    Affected: 17.12.3a
    Affected: 17.12.1z1
    Affected: 17.12.1z2
    Affected: 17.12.4a
    Affected: 17.12.5
    Affected: 17.12.4b
    Affected: 17.12.1z3
    Affected: 17.12.5a
    Affected: 17.12.1z4
    Affected: 17.12.5b
    Affected: 17.12.5c
    Affected: 17.13.1
    Affected: 17.13.1a
    Affected: 17.14.1
    Affected: 17.14.1a
    Affected: 17.15.1
    Affected: 17.15.1w
    Affected: 17.15.1a
    Affected: 17.15.2
    Affected: 17.15.1b
    Affected: 17.15.1x
    Affected: 17.15.1z
    Affected: 17.15.3
    Affected: 17.15.2c
    Affected: 17.15.2a
    Affected: 17.15.1y
    Affected: 17.15.2b
    Affected: 17.15.3a
    Affected: 17.15.4
    Affected: 17.15.3b
    Affected: 17.16.1
    Affected: 17.16.1a
    Affected: 17.17.1
    Affected: 17.18.1
    Create a notification for this product.
    Cisco Cisco IOS XE Catalyst SD-WAN Affected: 16.9.1
    Affected: 16.9.2
    Affected: 16.9.3
    Affected: 16.9.4
    Affected: 16.10.1
    Affected: 16.10.2
    Affected: 16.10.3
    Affected: 16.10.3a
    Affected: 16.10.3b
    Affected: 16.10.4
    Affected: 16.10.5
    Affected: 16.10.6
    Affected: 16.11.1a
    Affected: 16.12.1b
    Affected: 16.12.1d
    Affected: 16.12.1e
    Affected: 16.12.2r
    Affected: 16.12.3
    Affected: 16.12.4
    Affected: 16.12.4a
    Affected: 16.12.5
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20352",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-27T03:55:24.975809Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-09-29",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20352"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:48:03.098Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20352"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-09-29T00:00:00.000Z",
                "value": "CVE-2025-20352 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IOS",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.2(55)SE"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE3"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE2"
                },
                {
                  "status": "affected",
                  "version": "12.2(58)SE"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE1"
                },
                {
                  "status": "affected",
                  "version": "12.2(58)SE1"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE4"
                },
                {
                  "status": "affected",
                  "version": "12.2(58)SE2"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE5"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE6"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE7"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE8"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE9"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE10"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE11"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE12"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)SE13"
                },
                {
                  "status": "affected",
                  "version": "12.2(58)EZ"
                },
                {
                  "status": "affected",
                  "version": "12.2(53)EZ"
                },
                {
                  "status": "affected",
                  "version": "12.2(55)EZ"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ1"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ2"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ3"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ4"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ5"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ6"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ7"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ8"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ9"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ10"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ11"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ12"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ13"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ14"
                },
                {
                  "status": "affected",
                  "version": "12.2(60)EZ15"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI2"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI3"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI5"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI4a"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI4"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI2a"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI6"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI7"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI1"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI8"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI9"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI8a"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI10"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI11"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI12"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI13"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXI14"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ2"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ1"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ3"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ4"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ5"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ6"
                },
                {
                  "status": "affected",
                  "version": "12.2(50)SQ7"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T1"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T2"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T3"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)T4"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T1"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T2"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T3"
                },
                {
                  "status": "affected",
                  "version": "15.3(2)T4"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)EY"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)EY1"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)EY2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EY"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EY1"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EY2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EY3"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SE"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SE1"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SE2"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SE3"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE1"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE3"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE4"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE5"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE6"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE7"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE8"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE9"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE10"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE11"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE10a"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE12"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SE13"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY7"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY8"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY7a"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY9"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SY10"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ1"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ2"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ3"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ4"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ5"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ6"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ7"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ8"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ9"
                },
                {
                  "status": "affected",
                  "version": "12.2(33)SXJ10"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SG"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SG1"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SG2"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG1"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG2"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG3"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG4"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG5"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG6"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG7"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SG8"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M4"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M5"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M8"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M10"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M7"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M6"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M9"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M6a"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)M11"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG1"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG3"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG4"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG5"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG6"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG7"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG8"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG9"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG10"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SG11"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)GC"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)GC"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)GC1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)GC"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)GC1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)GC2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)GC3"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY4a"
                },
                {
                  "status": "affected",
                  "version": "15.1(1)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY7"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY8"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY9"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY10"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY11"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY12"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY13"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY14"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY15"
                },
                {
                  "status": "affected",
                  "version": "15.1(2)SY16"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T2"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T1"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T3"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T1"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T3"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T2"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)T4"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)T4"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EA"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EA1"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(2a)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(2a)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(3a)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E5"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E6"
                },
                {
                  "status": "affected",
                  "version": "15.2(5a)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(5b)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E5a"
                },
                {
                  "status": "affected",
                  "version": "15.2(5c)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E5b"
                },
                {
                  "status": "affected",
                  "version": "15.2(5a)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E7"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E5"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)E2c"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E8"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E0a"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E0c"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E6"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E9"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E7"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)E10"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E8"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E2a"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E2b"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E0a"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E0b"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E0s"
                },
                {
                  "status": "affected",
                  "version": "15.2(6)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E9"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(7a)E0b"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E10"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E1a"
                },
                {
                  "status": "affected",
                  "version": "15.2(7b)E0b"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E2a"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E10a"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E3k"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E1"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E5"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E6"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)E10d"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E7"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E3"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E8"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E4"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E9"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E5"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E6"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E10"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E11"
                },
                {
                  "status": "affected",
                  "version": "15.2(8)E7"
                },
                {
                  "status": "affected",
                  "version": "15.2(7)E12"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB2"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB3a"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB4"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB4"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB3h"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB3b"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB5"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JB6"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB5"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JB6"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)JAX"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)M8a"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)JN"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)EY"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EJ"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EJ1"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY0a"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)SY"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY1a"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY7"
                },
                {
                  "status": "affected",
                  "version": "15.2(1)SY8"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)EX"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EK"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)EK1"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)CG"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)CG1"
                },
                {
                  "status": "affected",
                  "version": "15.4(2)CG"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S1"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S2"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S3"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S1"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S2"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S1"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S1a"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S3"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S2"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S0a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S3"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)S4"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)S4"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S4"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S5"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S6"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S6a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S7"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S6b"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S8"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S9"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S10"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)S9a"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T1"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T2"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T3"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T1"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T2"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T3"
                },
                {
                  "status": "affected",
                  "version": "15.5(2)T4"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)T4"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)EA"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)EA1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)EA2"
                },
                {
                  "status": "affected",
                  "version": "15.2(3)EA"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA1"
                },
                {
                  "status": "affected",
                  "version": "15.2(2)EA3"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA3"
                },
                {
                  "status": "affected",
                  "version": "15.2(5)EA"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA4"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA5"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA6"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA7"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA8"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA9"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EA9a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JN9"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M4a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M6a"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)M10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA1m"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JA12"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAA"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAA11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAA12"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAB"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JB"
                },
                {
                  "status": "affected",
                  "version": "15.5(3)SN"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD1"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD2"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD3"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD4"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD5"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD6"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD7"
                },
                {
                  "status": "affected",
                  "version": "15.0(2)SQD8"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S1"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S1"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S2"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S2"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S3"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S3"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)S4"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)S4"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)T"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T0a"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T1"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)T1"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T2"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)T2"
                },
                {
                  "status": "affected",
                  "version": "15.6(1)T3"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)T3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNB5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAX"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAX1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JAX2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JBB6a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JC14"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.3(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNC"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNC1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNC4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNP"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNP1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JNP3"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP1"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP2"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP3"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP4"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP5"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP6"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP7"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP8"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SP9"
                },
                {
                  "status": "affected",
                  "version": "15.6(2)SN"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPB"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPB1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD13"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD14"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD16"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JD17"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M1b"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M2a"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M3a"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M6a"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M6b"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.6(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EC1"
                },
                {
                  "status": "affected",
                  "version": "15.2(4)EC2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPC5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JND"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JND1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JND2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JND3"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.4(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JE"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPD"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA13"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA14"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA16"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JDA17"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY1"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY2"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY3"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY4"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY5"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY6"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY7"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY8"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY9"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY10"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY11"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY12"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY13"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY14"
                },
                {
                  "status": "affected",
                  "version": "15.5(1)SY15"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF12"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF12i"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF14"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF14i"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JF15"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JCA7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JCA8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JCA9"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M4a"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M4b"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.7(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JG"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JG1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JH"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JH1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JI6"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M0b"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M1a"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M2a"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M3a"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M3b"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.8(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M1"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M0a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M2"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M3"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M2a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M3a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M4"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M3b"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M5"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M4a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M6"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M7"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M6a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M6b"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M8"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M7a"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M9"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M8b"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M10"
                },
                {
                  "status": "affected",
                  "version": "15.9(3)M11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK2a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK1t"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK8a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK8b"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JK11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JJ"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JJ1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI1t"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI6a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI8a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPI10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ2t"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ3a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ7c"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ8a"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ10"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPJ11"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK7"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK8"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPK9"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPL"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPM"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPN6"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPO"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPP"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ2"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ3"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ4"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPQ5"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPR"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPS"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPT"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPT1"
                },
                {
                  "status": "affected",
                  "version": "15.3(3)JPT2"
                }
              ]
            },
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.5.0E"
                },
                {
                  "status": "affected",
                  "version": "3.5.1E"
                },
                {
                  "status": "affected",
                  "version": "3.5.2E"
                },
                {
                  "status": "affected",
                  "version": "3.5.3E"
                },
                {
                  "status": "affected",
                  "version": "3.6.0E"
                },
                {
                  "status": "affected",
                  "version": "3.6.1E"
                },
                {
                  "status": "affected",
                  "version": "3.6.2aE"
                },
                {
                  "status": "affected",
                  "version": "3.6.2E"
                },
                {
                  "status": "affected",
                  "version": "3.6.3E"
                },
                {
                  "status": "affected",
                  "version": "3.6.4E"
                },
                {
                  "status": "affected",
                  "version": "3.6.5E"
                },
                {
                  "status": "affected",
                  "version": "3.6.6E"
                },
                {
                  "status": "affected",
                  "version": "3.6.5aE"
                },
                {
                  "status": "affected",
                  "version": "3.6.7E"
                },
                {
                  "status": "affected",
                  "version": "3.6.8E"
                },
                {
                  "status": "affected",
                  "version": "3.6.7bE"
                },
                {
                  "status": "affected",
                  "version": "3.6.9E"
                },
                {
                  "status": "affected",
                  "version": "3.6.10E"
                },
                {
                  "status": "affected",
                  "version": "3.14.0S"
                },
                {
                  "status": "affected",
                  "version": "3.14.1S"
                },
                {
                  "status": "affected",
                  "version": "3.14.2S"
                },
                {
                  "status": "affected",
                  "version": "3.14.3S"
                },
                {
                  "status": "affected",
                  "version": "3.14.4S"
                },
                {
                  "status": "affected",
                  "version": "3.15.0S"
                },
                {
                  "status": "affected",
                  "version": "3.15.1S"
                },
                {
                  "status": "affected",
                  "version": "3.15.2S"
                },
                {
                  "status": "affected",
                  "version": "3.15.1cS"
                },
                {
                  "status": "affected",
                  "version": "3.15.3S"
                },
                {
                  "status": "affected",
                  "version": "3.15.4S"
                },
                {
                  "status": "affected",
                  "version": "3.7.0E"
                },
                {
                  "status": "affected",
                  "version": "3.7.1E"
                },
                {
                  "status": "affected",
                  "version": "3.7.2E"
                },
                {
                  "status": "affected",
                  "version": "3.7.3E"
                },
                {
                  "status": "affected",
                  "version": "3.7.4E"
                },
                {
                  "status": "affected",
                  "version": "3.7.5E"
                },
                {
                  "status": "affected",
                  "version": "3.5.0SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.1SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.2SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.3SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.4SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.5SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.6SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.7SQ"
                },
                {
                  "status": "affected",
                  "version": "3.5.8SQ"
                },
                {
                  "status": "affected",
                  "version": "3.16.0S"
                },
                {
                  "status": "affected",
                  "version": "3.16.1S"
                },
                {
                  "status": "affected",
                  "version": "3.16.1aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.2S"
                },
                {
                  "status": "affected",
                  "version": "3.16.2aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.0cS"
                },
                {
                  "status": "affected",
                  "version": "3.16.3S"
                },
                {
                  "status": "affected",
                  "version": "3.16.2bS"
                },
                {
                  "status": "affected",
                  "version": "3.16.3aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.4S"
                },
                {
                  "status": "affected",
                  "version": "3.16.4aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.4bS"
                },
                {
                  "status": "affected",
                  "version": "3.16.5S"
                },
                {
                  "status": "affected",
                  "version": "3.16.4dS"
                },
                {
                  "status": "affected",
                  "version": "3.16.6S"
                },
                {
                  "status": "affected",
                  "version": "3.16.7S"
                },
                {
                  "status": "affected",
                  "version": "3.16.6bS"
                },
                {
                  "status": "affected",
                  "version": "3.16.7aS"
                },
                {
                  "status": "affected",
                  "version": "3.16.7bS"
                },
                {
                  "status": "affected",
                  "version": "3.16.8S"
                },
                {
                  "status": "affected",
                  "version": "3.16.9S"
                },
                {
                  "status": "affected",
                  "version": "3.16.10S"
                },
                {
                  "status": "affected",
                  "version": "3.17.0S"
                },
                {
                  "status": "affected",
                  "version": "3.17.1S"
                },
                {
                  "status": "affected",
                  "version": "3.17.2S"
                },
                {
                  "status": "affected",
                  "version": "3.17.1aS"
                },
                {
                  "status": "affected",
                  "version": "3.17.3S"
                },
                {
                  "status": "affected",
                  "version": "3.17.4S"
                },
                {
                  "status": "affected",
                  "version": "3.8.0E"
                },
                {
                  "status": "affected",
                  "version": "3.8.1E"
                },
                {
                  "status": "affected",
                  "version": "3.8.2E"
                },
                {
                  "status": "affected",
                  "version": "3.8.3E"
                },
                {
                  "status": "affected",
                  "version": "3.8.4E"
                },
                {
                  "status": "affected",
                  "version": "3.8.5E"
                },
                {
                  "status": "affected",
                  "version": "3.8.5aE"
                },
                {
                  "status": "affected",
                  "version": "3.8.6E"
                },
                {
                  "status": "affected",
                  "version": "3.8.7E"
                },
                {
                  "status": "affected",
                  "version": "3.8.8E"
                },
                {
                  "status": "affected",
                  "version": "3.8.9E"
                },
                {
                  "status": "affected",
                  "version": "3.8.10E"
                },
                {
                  "status": "affected",
                  "version": "3.18.0aS"
                },
                {
                  "status": "affected",
                  "version": "3.18.0S"
                },
                {
                  "status": "affected",
                  "version": "3.18.1S"
                },
                {
                  "status": "affected",
                  "version": "3.18.2S"
                },
                {
                  "status": "affected",
                  "version": "3.18.3S"
                },
                {
                  "status": "affected",
                  "version": "3.18.4S"
                },
                {
                  "status": "affected",
                  "version": "3.18.0SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.1SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.1aSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.1bSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.1cSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.2SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.2aSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.3SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.4SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.3aSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.3bSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.5SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.6SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.7SP"
                },
                {
                  "status": "affected",
                  "version": "3.18.8aSP"
                },
                {
                  "status": "affected",
                  "version": "3.18.9SP"
                },
                {
                  "status": "affected",
                  "version": "3.9.0E"
                },
                {
                  "status": "affected",
                  "version": "3.9.1E"
                },
                {
                  "status": "affected",
                  "version": "3.9.2E"
                },
                {
                  "status": "affected",
                  "version": "16.6.1"
                },
                {
                  "status": "affected",
                  "version": "16.6.2"
                },
                {
                  "status": "affected",
                  "version": "16.6.3"
                },
                {
                  "status": "affected",
                  "version": "16.6.4"
                },
                {
                  "status": "affected",
                  "version": "16.6.5"
                },
                {
                  "status": "affected",
                  "version": "16.6.4a"
                },
                {
                  "status": "affected",
                  "version": "16.6.5a"
                },
                {
                  "status": "affected",
                  "version": "16.6.6"
                },
                {
                  "status": "affected",
                  "version": "16.6.7"
                },
                {
                  "status": "affected",
                  "version": "16.6.8"
                },
                {
                  "status": "affected",
                  "version": "16.6.9"
                },
                {
                  "status": "affected",
                  "version": "16.6.10"
                },
                {
                  "status": "affected",
                  "version": "16.7.1"
                },
                {
                  "status": "affected",
                  "version": "16.7.1a"
                },
                {
                  "status": "affected",
                  "version": "16.7.1b"
                },
                {
                  "status": "affected",
                  "version": "16.7.2"
                },
                {
                  "status": "affected",
                  "version": "16.7.3"
                },
                {
                  "status": "affected",
                  "version": "16.7.4"
                },
                {
                  "status": "affected",
                  "version": "16.8.1"
                },
                {
                  "status": "affected",
                  "version": "16.8.1a"
                },
                {
                  "status": "affected",
                  "version": "16.8.1b"
                },
                {
                  "status": "affected",
                  "version": "16.8.1s"
                },
                {
                  "status": "affected",
                  "version": "16.8.1c"
                },
                {
                  "status": "affected",
                  "version": "16.8.1d"
                },
                {
                  "status": "affected",
                  "version": "16.8.2"
                },
                {
                  "status": "affected",
                  "version": "16.8.1e"
                },
                {
                  "status": "affected",
                  "version": "16.8.3"
                },
                {
                  "status": "affected",
                  "version": "16.9.1"
                },
                {
                  "status": "affected",
                  "version": "16.9.2"
                },
                {
                  "status": "affected",
                  "version": "16.9.1a"
                },
                {
                  "status": "affected",
                  "version": "16.9.1b"
                },
                {
                  "status": "affected",
                  "version": "16.9.1s"
                },
                {
                  "status": "affected",
                  "version": "16.9.3"
                },
                {
                  "status": "affected",
                  "version": "16.9.4"
                },
                {
                  "status": "affected",
                  "version": "16.9.3a"
                },
                {
                  "status": "affected",
                  "version": "16.9.5"
                },
                {
                  "status": "affected",
                  "version": "16.9.5f"
                },
                {
                  "status": "affected",
                  "version": "16.9.6"
                },
                {
                  "status": "affected",
                  "version": "16.9.7"
                },
                {
                  "status": "affected",
                  "version": "16.9.8"
                },
                {
                  "status": "affected",
                  "version": "16.10.1"
                },
                {
                  "status": "affected",
                  "version": "16.10.1a"
                },
                {
                  "status": "affected",
                  "version": "16.10.1b"
                },
                {
                  "status": "affected",
                  "version": "16.10.1s"
                },
                {
                  "status": "affected",
                  "version": "16.10.1c"
                },
                {
                  "status": "affected",
                  "version": "16.10.1e"
                },
                {
                  "status": "affected",
                  "version": "16.10.1d"
                },
                {
                  "status": "affected",
                  "version": "16.10.2"
                },
                {
                  "status": "affected",
                  "version": "16.10.1f"
                },
                {
                  "status": "affected",
                  "version": "16.10.1g"
                },
                {
                  "status": "affected",
                  "version": "16.10.3"
                },
                {
                  "status": "affected",
                  "version": "3.10.0E"
                },
                {
                  "status": "affected",
                  "version": "3.10.1E"
                },
                {
                  "status": "affected",
                  "version": "3.10.0cE"
                },
                {
                  "status": "affected",
                  "version": "3.10.2E"
                },
                {
                  "status": "affected",
                  "version": "3.10.3E"
                },
                {
                  "status": "affected",
                  "version": "16.11.1"
                },
                {
                  "status": "affected",
                  "version": "16.11.1a"
                },
                {
                  "status": "affected",
                  "version": "16.11.1b"
                },
                {
                  "status": "affected",
                  "version": "16.11.2"
                },
                {
                  "status": "affected",
                  "version": "16.11.1s"
                },
                {
                  "status": "affected",
                  "version": "16.12.1"
                },
                {
                  "status": "affected",
                  "version": "16.12.1s"
                },
                {
                  "status": "affected",
                  "version": "16.12.1a"
                },
                {
                  "status": "affected",
                  "version": "16.12.1c"
                },
                {
                  "status": "affected",
                  "version": "16.12.1w"
                },
                {
                  "status": "affected",
                  "version": "16.12.2"
                },
                {
                  "status": "affected",
                  "version": "16.12.1y"
                },
                {
                  "status": "affected",
                  "version": "16.12.2a"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.8"
                },
                {
                  "status": "affected",
                  "version": "16.12.2s"
                },
                {
                  "status": "affected",
                  "version": "16.12.1x"
                },
                {
                  "status": "affected",
                  "version": "16.12.1t"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.12.3s"
                },
                {
                  "status": "affected",
                  "version": "16.12.3a"
                },
                {
                  "status": "affected",
                  "version": "16.12.4a"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                },
                {
                  "status": "affected",
                  "version": "16.12.6"
                },
                {
                  "status": "affected",
                  "version": "16.12.1z1"
                },
                {
                  "status": "affected",
                  "version": "16.12.5a"
                },
                {
                  "status": "affected",
                  "version": "16.12.5b"
                },
                {
                  "status": "affected",
                  "version": "16.12.1z2"
                },
                {
                  "status": "affected",
                  "version": "16.12.6a"
                },
                {
                  "status": "affected",
                  "version": "16.12.7"
                },
                {
                  "status": "affected",
                  "version": "16.12.9"
                },
                {
                  "status": "affected",
                  "version": "16.12.10"
                },
                {
                  "status": "affected",
                  "version": "16.12.10a"
                },
                {
                  "status": "affected",
                  "version": "16.12.11"
                },
                {
                  "status": "affected",
                  "version": "16.12.12"
                },
                {
                  "status": "affected",
                  "version": "16.12.13"
                },
                {
                  "status": "affected",
                  "version": "3.11.0E"
                },
                {
                  "status": "affected",
                  "version": "3.11.1E"
                },
                {
                  "status": "affected",
                  "version": "3.11.2E"
                },
                {
                  "status": "affected",
                  "version": "3.11.3E"
                },
                {
                  "status": "affected",
                  "version": "3.11.1aE"
                },
                {
                  "status": "affected",
                  "version": "3.11.4E"
                },
                {
                  "status": "affected",
                  "version": "3.11.3aE"
                },
                {
                  "status": "affected",
                  "version": "3.11.5E"
                },
                {
                  "status": "affected",
                  "version": "3.11.6E"
                },
                {
                  "status": "affected",
                  "version": "3.11.7E"
                },
                {
                  "status": "affected",
                  "version": "3.11.8E"
                },
                {
                  "status": "affected",
                  "version": "3.11.9E"
                },
                {
                  "status": "affected",
                  "version": "3.11.10E"
                },
                {
                  "status": "affected",
                  "version": "3.11.11E"
                },
                {
                  "status": "affected",
                  "version": "3.11.12E"
                },
                {
                  "status": "affected",
                  "version": "17.1.1"
                },
                {
                  "status": "affected",
                  "version": "17.1.1a"
                },
                {
                  "status": "affected",
                  "version": "17.1.1s"
                },
                {
                  "status": "affected",
                  "version": "17.1.1t"
                },
                {
                  "status": "affected",
                  "version": "17.1.3"
                },
                {
                  "status": "affected",
                  "version": "17.2.1"
                },
                {
                  "status": "affected",
                  "version": "17.2.1r"
                },
                {
                  "status": "affected",
                  "version": "17.2.1a"
                },
                {
                  "status": "affected",
                  "version": "17.2.1v"
                },
                {
                  "status": "affected",
                  "version": "17.2.2"
                },
                {
                  "status": "affected",
                  "version": "17.2.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.1"
                },
                {
                  "status": "affected",
                  "version": "17.3.2"
                },
                {
                  "status": "affected",
                  "version": "17.3.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.1a"
                },
                {
                  "status": "affected",
                  "version": "17.3.1w"
                },
                {
                  "status": "affected",
                  "version": "17.3.2a"
                },
                {
                  "status": "affected",
                  "version": "17.3.1x"
                },
                {
                  "status": "affected",
                  "version": "17.3.1z"
                },
                {
                  "status": "affected",
                  "version": "17.3.4"
                },
                {
                  "status": "affected",
                  "version": "17.3.5"
                },
                {
                  "status": "affected",
                  "version": "17.3.4a"
                },
                {
                  "status": "affected",
                  "version": "17.3.6"
                },
                {
                  "status": "affected",
                  "version": "17.3.4b"
                },
                {
                  "status": "affected",
                  "version": "17.3.4c"
                },
                {
                  "status": "affected",
                  "version": "17.3.5a"
                },
                {
                  "status": "affected",
                  "version": "17.3.5b"
                },
                {
                  "status": "affected",
                  "version": "17.3.7"
                },
                {
                  "status": "affected",
                  "version": "17.3.8"
                },
                {
                  "status": "affected",
                  "version": "17.3.8a"
                },
                {
                  "status": "affected",
                  "version": "17.4.1"
                },
                {
                  "status": "affected",
                  "version": "17.4.2"
                },
                {
                  "status": "affected",
                  "version": "17.4.1a"
                },
                {
                  "status": "affected",
                  "version": "17.4.1b"
                },
                {
                  "status": "affected",
                  "version": "17.4.2a"
                },
                {
                  "status": "affected",
                  "version": "17.5.1"
                },
                {
                  "status": "affected",
                  "version": "17.5.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1"
                },
                {
                  "status": "affected",
                  "version": "17.6.2"
                },
                {
                  "status": "affected",
                  "version": "17.6.1w"
                },
                {
                  "status": "affected",
                  "version": "17.6.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1x"
                },
                {
                  "status": "affected",
                  "version": "17.6.3"
                },
                {
                  "status": "affected",
                  "version": "17.6.1y"
                },
                {
                  "status": "affected",
                  "version": "17.6.1z"
                },
                {
                  "status": "affected",
                  "version": "17.6.3a"
                },
                {
                  "status": "affected",
                  "version": "17.6.4"
                },
                {
                  "status": "affected",
                  "version": "17.6.1z1"
                },
                {
                  "status": "affected",
                  "version": "17.6.5"
                },
                {
                  "status": "affected",
                  "version": "17.6.6"
                },
                {
                  "status": "affected",
                  "version": "17.6.6a"
                },
                {
                  "status": "affected",
                  "version": "17.6.5a"
                },
                {
                  "status": "affected",
                  "version": "17.6.7"
                },
                {
                  "status": "affected",
                  "version": "17.6.8"
                },
                {
                  "status": "affected",
                  "version": "17.6.8a"
                },
                {
                  "status": "affected",
                  "version": "17.7.1"
                },
                {
                  "status": "affected",
                  "version": "17.7.1a"
                },
                {
                  "status": "affected",
                  "version": "17.7.1b"
                },
                {
                  "status": "affected",
                  "version": "17.7.2"
                },
                {
                  "status": "affected",
                  "version": "17.10.1"
                },
                {
                  "status": "affected",
                  "version": "17.10.1a"
                },
                {
                  "status": "affected",
                  "version": "17.10.1b"
                },
                {
                  "status": "affected",
                  "version": "17.8.1"
                },
                {
                  "status": "affected",
                  "version": "17.8.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1"
                },
                {
                  "status": "affected",
                  "version": "17.9.1w"
                },
                {
                  "status": "affected",
                  "version": "17.9.2"
                },
                {
                  "status": "affected",
                  "version": "17.9.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1x"
                },
                {
                  "status": "affected",
                  "version": "17.9.1y"
                },
                {
                  "status": "affected",
                  "version": "17.9.3"
                },
                {
                  "status": "affected",
                  "version": "17.9.2a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1x1"
                },
                {
                  "status": "affected",
                  "version": "17.9.3a"
                },
                {
                  "status": "affected",
                  "version": "17.9.4"
                },
                {
                  "status": "affected",
                  "version": "17.9.1y1"
                },
                {
                  "status": "affected",
                  "version": "17.9.5"
                },
                {
                  "status": "affected",
                  "version": "17.9.4a"
                },
                {
                  "status": "affected",
                  "version": "17.9.5a"
                },
                {
                  "status": "affected",
                  "version": "17.9.5b"
                },
                {
                  "status": "affected",
                  "version": "17.9.6"
                },
                {
                  "status": "affected",
                  "version": "17.9.6a"
                },
                {
                  "status": "affected",
                  "version": "17.9.7"
                },
                {
                  "status": "affected",
                  "version": "17.9.5e"
                },
                {
                  "status": "affected",
                  "version": "17.9.5f"
                },
                {
                  "status": "affected",
                  "version": "17.9.7a"
                },
                {
                  "status": "affected",
                  "version": "17.9.7b"
                },
                {
                  "status": "affected",
                  "version": "17.11.1"
                },
                {
                  "status": "affected",
                  "version": "17.11.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1"
                },
                {
                  "status": "affected",
                  "version": "17.12.1w"
                },
                {
                  "status": "affected",
                  "version": "17.12.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1x"
                },
                {
                  "status": "affected",
                  "version": "17.12.2"
                },
                {
                  "status": "affected",
                  "version": "17.12.3"
                },
                {
                  "status": "affected",
                  "version": "17.12.2a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1y"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z"
                },
                {
                  "status": "affected",
                  "version": "17.12.4"
                },
                {
                  "status": "affected",
                  "version": "17.12.3a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z1"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z2"
                },
                {
                  "status": "affected",
                  "version": "17.12.4a"
                },
                {
                  "status": "affected",
                  "version": "17.12.5"
                },
                {
                  "status": "affected",
                  "version": "17.12.4b"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z3"
                },
                {
                  "status": "affected",
                  "version": "17.12.5a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1z4"
                },
                {
                  "status": "affected",
                  "version": "17.12.5b"
                },
                {
                  "status": "affected",
                  "version": "17.12.5c"
                },
                {
                  "status": "affected",
                  "version": "17.13.1"
                },
                {
                  "status": "affected",
                  "version": "17.13.1a"
                },
                {
                  "status": "affected",
                  "version": "17.14.1"
                },
                {
                  "status": "affected",
                  "version": "17.14.1a"
                },
                {
                  "status": "affected",
                  "version": "17.15.1"
                },
                {
                  "status": "affected",
                  "version": "17.15.1w"
                },
                {
                  "status": "affected",
                  "version": "17.15.1a"
                },
                {
                  "status": "affected",
                  "version": "17.15.2"
                },
                {
                  "status": "affected",
                  "version": "17.15.1b"
                },
                {
                  "status": "affected",
                  "version": "17.15.1x"
                },
                {
                  "status": "affected",
                  "version": "17.15.1z"
                },
                {
                  "status": "affected",
                  "version": "17.15.3"
                },
                {
                  "status": "affected",
                  "version": "17.15.2c"
                },
                {
                  "status": "affected",
                  "version": "17.15.2a"
                },
                {
                  "status": "affected",
                  "version": "17.15.1y"
                },
                {
                  "status": "affected",
                  "version": "17.15.2b"
                },
                {
                  "status": "affected",
                  "version": "17.15.3a"
                },
                {
                  "status": "affected",
                  "version": "17.15.4"
                },
                {
                  "status": "affected",
                  "version": "17.15.3b"
                },
                {
                  "status": "affected",
                  "version": "17.16.1"
                },
                {
                  "status": "affected",
                  "version": "17.16.1a"
                },
                {
                  "status": "affected",
                  "version": "17.17.1"
                },
                {
                  "status": "affected",
                  "version": "17.18.1"
                }
              ]
            },
            {
              "product": "Cisco IOS XE Catalyst SD-WAN",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.9.1"
                },
                {
                  "status": "affected",
                  "version": "16.9.2"
                },
                {
                  "status": "affected",
                  "version": "16.9.3"
                },
                {
                  "status": "affected",
                  "version": "16.9.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.1"
                },
                {
                  "status": "affected",
                  "version": "16.10.2"
                },
                {
                  "status": "affected",
                  "version": "16.10.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.3a"
                },
                {
                  "status": "affected",
                  "version": "16.10.3b"
                },
                {
                  "status": "affected",
                  "version": "16.10.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.5"
                },
                {
                  "status": "affected",
                  "version": "16.10.6"
                },
                {
                  "status": "affected",
                  "version": "16.11.1a"
                },
                {
                  "status": "affected",
                  "version": "16.12.1b"
                },
                {
                  "status": "affected",
                  "version": "16.12.1d"
                },
                {
                  "status": "affected",
                  "version": "16.12.1e"
                },
                {
                  "status": "affected",
                  "version": "16.12.2r"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.12.4a"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:\r\n\r \r An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. \r An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. \r \r An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. \r\n\r This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.\r\n\r Note: This vulnerability affects all versions of SNMP."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised. Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-30T16:18:05.082Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-snmp-x4LPhte",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snmp-x4LPhte",
            "defects": [
              "CSCwq31287"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20352",
        "datePublished": "2025-09-24T17:10:42.891Z",
        "dateReserved": "2024-10-10T19:15:13.257Z",
        "dateUpdated": "2026-02-26T17:48:03.098Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20151 (GCVE-0-2025-20151)

    Vulnerability from cvelistv5 – Published: 2025-05-07 17:18 – Updated: 2025-05-07 19:46
    VLAI
    Title
    Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability
    Summary
    A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration. This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied. Note: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials. For more information, see the section of this advisory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco IOS XE Catalyst SD-WAN Affected: 16.10.6
    Affected: 16.12.3
    Affected: 16.12.1
    Affected: 16.12.1a
    Affected: 16.12.4a
    Affected: 16.12.2r
    Affected: 16.12.1c
    Affected: 16.10.4
    Affected: 16.12.1b1
    Affected: 16.10.5
    Affected: 16.12.4
    Affected: 16.10.3
    Affected: 16.10.3a
    Affected: 16.12.1b
    Affected: 16.10.3b
    Affected: 16.12.1d
    Affected: 16.11.1s
    Affected: 16.9.1
    Affected: 16.11.1a
    Affected: 16.11.1d
    Affected: 16.9.2
    Affected: 16.10.1
    Affected: 16.11.1f
    Affected: 16.9.4
    Affected: 16.9.3
    Affected: 16.10.2
    Affected: 16.12.1e
    Affected: 16.11.1b
    Affected: 16.11.1
    Affected: 16.12.5
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20151",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-07T18:56:21.184209Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-07T19:46:24.894Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco IOS XE Catalyst SD-WAN",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.10.6"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.1"
                },
                {
                  "status": "affected",
                  "version": "16.12.1a"
                },
                {
                  "status": "affected",
                  "version": "16.12.4a"
                },
                {
                  "status": "affected",
                  "version": "16.12.2r"
                },
                {
                  "status": "affected",
                  "version": "16.12.1c"
                },
                {
                  "status": "affected",
                  "version": "16.10.4"
                },
                {
                  "status": "affected",
                  "version": "16.12.1b1"
                },
                {
                  "status": "affected",
                  "version": "16.10.5"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.3a"
                },
                {
                  "status": "affected",
                  "version": "16.12.1b"
                },
                {
                  "status": "affected",
                  "version": "16.10.3b"
                },
                {
                  "status": "affected",
                  "version": "16.12.1d"
                },
                {
                  "status": "affected",
                  "version": "16.11.1s"
                },
                {
                  "status": "affected",
                  "version": "16.9.1"
                },
                {
                  "status": "affected",
                  "version": "16.11.1a"
                },
                {
                  "status": "affected",
                  "version": "16.11.1d"
                },
                {
                  "status": "affected",
                  "version": "16.9.2"
                },
                {
                  "status": "affected",
                  "version": "16.10.1"
                },
                {
                  "status": "affected",
                  "version": "16.11.1f"
                },
                {
                  "status": "affected",
                  "version": "16.9.4"
                },
                {
                  "status": "affected",
                  "version": "16.9.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.2"
                },
                {
                  "status": "affected",
                  "version": "16.12.1e"
                },
                {
                  "status": "affected",
                  "version": "16.11.1b"
                },
                {
                  "status": "affected",
                  "version": "16.11.1"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration.\r\n\r\nThis vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied.\r\nNote: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials.\r\nFor more information, see the  section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-16",
                  "description": "Configuration",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-07T17:18:44.414Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-snmpv3-qKEYvzsy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snmpv3-qKEYvzsy",
            "defects": [
              "CSCwi84832"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20151",
        "datePublished": "2025-05-07T17:18:44.414Z",
        "dateReserved": "2024-10-10T19:15:13.216Z",
        "dateUpdated": "2025-05-07T19:46:24.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20373 (GCVE-0-2024-20373)

    Vulnerability from cvelistv5 – Published: 2024-11-15 14:52 – Updated: 2024-11-15 16:20
    VLAI
    Title
    Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability
    Summary
    A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.  This vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials. SNMP with IPv6 ACL configurations is not affected. For more information, see the section of this advisory.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco IOS XE Catalyst SD-WAN Affected: 16.10.6
    Affected: 16.12.3
    Affected: 16.12.1
    Affected: 16.10.4
    Affected: 16.10.5
    Affected: 16.12.4
    Affected: 16.10.3
    Affected: 16.10.3a
    Affected: 16.10.3b
    Affected: 16.11.1s
    Affected: 16.11.1a
    Affected: 16.10.1
    Affected: 16.11.1f
    Affected: 16.9.4
    Affected: 16.9.3
    Affected: 16.10.2
    Affected: 16.11.1b
    Affected: 16.11.1
    Affected: 16.12.5
    Affected: 16.11.1d
    Create a notification for this product.
    cisco ios_xe_catalyst_sd-wan Affected: 16.10.1
    Affected: 16.10.2
    Affected: 16.10.3
    Affected: 16.10.3a
    Affected: 16.10.3b
    Affected: 16.10.4
    Affected: 16.10.5
    Affected: 16.10.6
    Affected: 16.11.1
    Affected: 16.11.1a
    Affected: 16.11.1b
    Affected: 16.11.1d
    Affected: 16.11.1f
    Affected: 16.11.1s
    Affected: 16.12.1
    Affected: 16.12.3
    Affected: 16.12.4
    Affected: 16.12.5
    Affected: 16.9.3
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3a:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3b:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1a:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1b:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1d:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1f:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1s:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.9.3:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3a:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.3b:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.10.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1a:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1b:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1d:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1f:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.11.1s:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.12.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:ios_xe_catalyst_sd-wan:16.9.3:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ios_xe_catalyst_sd-wan",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "16.10.1"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.2"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.3"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.3a"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.3b"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.4"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.5"
                  },
                  {
                    "status": "affected",
                    "version": "16.10.6"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1a"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1b"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1d"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1f"
                  },
                  {
                    "status": "affected",
                    "version": "16.11.1s"
                  },
                  {
                    "status": "affected",
                    "version": "16.12.1"
                  },
                  {
                    "status": "affected",
                    "version": "16.12.3"
                  },
                  {
                    "status": "affected",
                    "version": "16.12.4"
                  },
                  {
                    "status": "affected",
                    "version": "16.12.5"
                  },
                  {
                    "status": "affected",
                    "version": "16.9.3"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20373",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:20:19.710967Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T16:20:59.945Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco IOS XE Catalyst SD-WAN",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.10.6"
                },
                {
                  "status": "affected",
                  "version": "16.12.3"
                },
                {
                  "status": "affected",
                  "version": "16.12.1"
                },
                {
                  "status": "affected",
                  "version": "16.10.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.5"
                },
                {
                  "status": "affected",
                  "version": "16.12.4"
                },
                {
                  "status": "affected",
                  "version": "16.10.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.3a"
                },
                {
                  "status": "affected",
                  "version": "16.10.3b"
                },
                {
                  "status": "affected",
                  "version": "16.11.1s"
                },
                {
                  "status": "affected",
                  "version": "16.11.1a"
                },
                {
                  "status": "affected",
                  "version": "16.10.1"
                },
                {
                  "status": "affected",
                  "version": "16.11.1f"
                },
                {
                  "status": "affected",
                  "version": "16.9.4"
                },
                {
                  "status": "affected",
                  "version": "16.9.3"
                },
                {
                  "status": "affected",
                  "version": "16.10.2"
                },
                {
                  "status": "affected",
                  "version": "16.11.1b"
                },
                {
                  "status": "affected",
                  "version": "16.11.1"
                },
                {
                  "status": "affected",
                  "version": "16.12.5"
                },
                {
                  "status": "affected",
                  "version": "16.11.1d"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.\u0026nbsp;\r\n\r\nThis vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials.\r\nSNMP with IPv6 ACL configurations is not affected.\r\nFor more information, see the  section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-15T14:52:34.137Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-snmp-uwBXfqww",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uwBXfqww"
            }
          ],
          "source": {
            "advisory": "cisco-sa-snmp-uwBXfqww",
            "defects": [
              "CSCwe24431"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20373",
        "datePublished": "2024-11-15T14:52:34.137Z",
        "dateReserved": "2023-11-08T15:08:07.654Z",
        "dateUpdated": "2024-11-15T16:20:59.945Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20455 (GCVE-0-2024-20455)

    Vulnerability from cvelistv5 – Published: 2024-09-25 16:18 – Updated: 2024-09-25 19:47
    VLAI
    Summary
    A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco IOS XE Software Affected: 17.1.1
    Affected: 17.1.1a
    Affected: 17.1.1s
    Affected: 17.1.1t
    Affected: 17.1.3
    Affected: 17.2.1
    Affected: 17.2.1r
    Affected: 17.2.1a
    Affected: 17.2.1v
    Affected: 17.2.2
    Affected: 17.2.3
    Affected: 17.3.1
    Affected: 17.3.2
    Affected: 17.3.3
    Affected: 17.3.1a
    Affected: 17.3.1w
    Affected: 17.3.2a
    Affected: 17.3.1x
    Affected: 17.3.1z
    Affected: 17.3.4
    Affected: 17.3.5
    Affected: 17.3.4a
    Affected: 17.3.6
    Affected: 17.3.4b
    Affected: 17.3.4c
    Affected: 17.3.5a
    Affected: 17.3.5b
    Affected: 17.3.7
    Affected: 17.3.8
    Affected: 17.3.8a
    Affected: 17.4.1
    Affected: 17.4.2
    Affected: 17.4.1a
    Affected: 17.4.1b
    Affected: 17.4.2a
    Affected: 17.5.1
    Affected: 17.5.1a
    Affected: 17.6.1
    Affected: 17.6.2
    Affected: 17.6.1w
    Affected: 17.6.1a
    Affected: 17.6.1x
    Affected: 17.6.3
    Affected: 17.6.1y
    Affected: 17.6.1z
    Affected: 17.6.3a
    Affected: 17.6.4
    Affected: 17.6.1z1
    Affected: 17.6.5
    Affected: 17.6.6
    Affected: 17.6.6a
    Affected: 17.6.5a
    Affected: 17.7.1
    Affected: 17.7.1a
    Affected: 17.7.1b
    Affected: 17.7.2
    Affected: 17.10.1
    Affected: 17.10.1a
    Affected: 17.10.1b
    Affected: 17.8.1
    Affected: 17.8.1a
    Affected: 17.9.1
    Affected: 17.9.1w
    Affected: 17.9.2
    Affected: 17.9.1a
    Affected: 17.9.1x
    Affected: 17.9.1y
    Affected: 17.9.3
    Affected: 17.9.2a
    Affected: 17.9.1x1
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.9.1y1
    Affected: 17.9.5
    Affected: 17.9.4a
    Affected: 17.9.5a
    Affected: 17.9.5b
    Affected: 17.11.1
    Affected: 17.11.1a
    Affected: 17.12.1
    Affected: 17.12.1w
    Affected: 17.12.1a
    Affected: 17.12.2
    Affected: 17.12.2a
    Affected: 17.13.1
    Affected: 17.13.1a
    Affected: 17.11.99SW
    Create a notification for this product.
    Cisco Cisco IOS XE Catalyst SD-WAN Affected: 17.5.1a
    Affected: 17.6.1a
    Affected: 17.6.2
    Affected: 17.6.4
    Affected: 17.7.1a
    Affected: 17.9.1a
    Affected: 17.9.2a
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.8.1a
    Affected: 17.10.1a
    Affected: 17.11.1a
    Affected: 17.12.1a
    Affected: 17.13.1a
    Create a notification for this product.
    cisco ios_xe Affected: 17.1.1
    Affected: 17.1.1a
    Affected: 17.1.1s
    Affected: 17.1.1t
    Affected: 17.1.3
    Affected: 17.2.1
    Affected: 17.2.1r
    Affected: 17.2.1a
    Affected: 17.2.1v
    Affected: 17.2.2
    Affected: 17.2.3
    Affected: 17.3.1
    Affected: 17.3.2
    Affected: 17.3.3
    Affected: 17.3.1a
    Affected: 17.3.1w
    Affected: 17.3.2a
    Affected: 17.3.1x
    Affected: 17.3.1z
    Affected: 17.3.4
    Affected: 17.3.5
    Affected: 17.3.4a
    Affected: 17.3.6
    Affected: 17.3.4b
    Affected: 17.3.4c
    Affected: 17.3.5a
    Affected: 17.3.5b
    Affected: 17.3.7
    Affected: 17.3.8
    Affected: 17.3.8a
    Affected: 17.4.1
    Affected: 17.4.2
    Affected: 17.4.1a
    Affected: 17.4.1b
    Affected: 17.4.2a
    Affected: 17.5.1
    Affected: 17.5.1a
    Affected: 17.6.1
    Affected: 17.6.2
    Affected: 17.6.1w
    Affected: 17.6.1a
    Affected: 17.6.1x
    Affected: 17.6.3
    Affected: 17.6.1y
    Affected: 17.6.1z
    Affected: 17.6.3a
    Affected: 17.6.4
    Affected: 17.6.1z1
    Affected: 17.6.5
    Affected: 17.6.6
    Affected: 17.6.6a
    Affected: 17.6.5a
    Affected: 17.7.1
    Affected: 17.7.1a
    Affected: 17.7.1b
    Affected: 17.7.2
    Affected: 17.10.1
    Affected: 17.10.1a
    Affected: 17.10.1b
    Affected: 17.8.1
    Affected: 17.8.1a
    Affected: 17.9.1
    Affected: 17.9.1w
    Affected: 17.9.2
    Affected: 17.9.1a
    Affected: 17.9.1x
    Affected: 17.9.1y
    Affected: 17.9.3
    Affected: 17.9.2a
    Affected: 17.9.1x1
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.9.1y1
    Affected: 17.9.5
    Affected: 17.9.4a
    Affected: 17.9.5a
    Affected: 17.9.5b
    Affected: 17.11.1
    Affected: 17.11.1a
    Affected: 17.12.1
    Affected: 17.12.1w
    Affected: 17.12.1a
    Affected: 17.12.2
    Affected: 17.12.2a
    Affected: 17.13.1
    Affected: 17.13.1a
    Affected: 17.11.99sw
        cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
    Create a notification for this product.
    cisco ios_xe_catalyst_sd-wan Affected: 17.5.1a
    Affected: 17.6.1a
    Affected: 17.6.2
    Affected: 17.6.4
    Affected: 17.7.1a
    Affected: 17.9.1a
    Affected: 17.9.2a
    Affected: 17.9.3a
    Affected: 17.9.4
    Affected: 17.8.1a
    Affected: 17.10.1a
    Affected: 17.11.1a
    Affected: 17.12.1a
    Affected: 17.13.1a
        cpe:2.3:o:cisco:ios_xe_catalyst_sd-wan:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ios_xe",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "17.1.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.1.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.1.1s"
                  },
                  {
                    "status": "affected",
                    "version": "17.1.1t"
                  },
                  {
                    "status": "affected",
                    "version": "17.1.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.1r"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.1v"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.2.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1w"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1x"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.1z"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.5"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.4a"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.6"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.4b"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.4c"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.5a"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.5b"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.7"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.8"
                  },
                  {
                    "status": "affected",
                    "version": "17.3.8a"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.1b"
                  },
                  {
                    "status": "affected",
                    "version": "17.4.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.5.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.5.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1w"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1x"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1y"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1z"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.3a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1z1"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.5"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.6"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.6a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.5a"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.1b"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.10.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.10.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.10.1b"
                  },
                  {
                    "status": "affected",
                    "version": "17.8.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.8.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1w"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1x"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1y"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.3"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1x1"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.3a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1y1"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.5"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.4a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.5a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.5b"
                  },
                  {
                    "status": "affected",
                    "version": "17.11.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.11.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.1w"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.13.1"
                  },
                  {
                    "status": "affected",
                    "version": "17.13.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.11.99sw"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:cisco:ios_xe_catalyst_sd-wan:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ios_xe_catalyst_sd-wan",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "17.5.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.2"
                  },
                  {
                    "status": "affected",
                    "version": "17.6.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.7.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.2a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.3a"
                  },
                  {
                    "status": "affected",
                    "version": "17.9.4"
                  },
                  {
                    "status": "affected",
                    "version": "17.8.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.10.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.11.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.12.1a"
                  },
                  {
                    "status": "affected",
                    "version": "17.13.1a"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20455",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T19:29:31.898015Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T19:47:05.368Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "17.1.1"
                },
                {
                  "status": "affected",
                  "version": "17.1.1a"
                },
                {
                  "status": "affected",
                  "version": "17.1.1s"
                },
                {
                  "status": "affected",
                  "version": "17.1.1t"
                },
                {
                  "status": "affected",
                  "version": "17.1.3"
                },
                {
                  "status": "affected",
                  "version": "17.2.1"
                },
                {
                  "status": "affected",
                  "version": "17.2.1r"
                },
                {
                  "status": "affected",
                  "version": "17.2.1a"
                },
                {
                  "status": "affected",
                  "version": "17.2.1v"
                },
                {
                  "status": "affected",
                  "version": "17.2.2"
                },
                {
                  "status": "affected",
                  "version": "17.2.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.1"
                },
                {
                  "status": "affected",
                  "version": "17.3.2"
                },
                {
                  "status": "affected",
                  "version": "17.3.3"
                },
                {
                  "status": "affected",
                  "version": "17.3.1a"
                },
                {
                  "status": "affected",
                  "version": "17.3.1w"
                },
                {
                  "status": "affected",
                  "version": "17.3.2a"
                },
                {
                  "status": "affected",
                  "version": "17.3.1x"
                },
                {
                  "status": "affected",
                  "version": "17.3.1z"
                },
                {
                  "status": "affected",
                  "version": "17.3.4"
                },
                {
                  "status": "affected",
                  "version": "17.3.5"
                },
                {
                  "status": "affected",
                  "version": "17.3.4a"
                },
                {
                  "status": "affected",
                  "version": "17.3.6"
                },
                {
                  "status": "affected",
                  "version": "17.3.4b"
                },
                {
                  "status": "affected",
                  "version": "17.3.4c"
                },
                {
                  "status": "affected",
                  "version": "17.3.5a"
                },
                {
                  "status": "affected",
                  "version": "17.3.5b"
                },
                {
                  "status": "affected",
                  "version": "17.3.7"
                },
                {
                  "status": "affected",
                  "version": "17.3.8"
                },
                {
                  "status": "affected",
                  "version": "17.3.8a"
                },
                {
                  "status": "affected",
                  "version": "17.4.1"
                },
                {
                  "status": "affected",
                  "version": "17.4.2"
                },
                {
                  "status": "affected",
                  "version": "17.4.1a"
                },
                {
                  "status": "affected",
                  "version": "17.4.1b"
                },
                {
                  "status": "affected",
                  "version": "17.4.2a"
                },
                {
                  "status": "affected",
                  "version": "17.5.1"
                },
                {
                  "status": "affected",
                  "version": "17.5.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1"
                },
                {
                  "status": "affected",
                  "version": "17.6.2"
                },
                {
                  "status": "affected",
                  "version": "17.6.1w"
                },
                {
                  "status": "affected",
                  "version": "17.6.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1x"
                },
                {
                  "status": "affected",
                  "version": "17.6.3"
                },
                {
                  "status": "affected",
                  "version": "17.6.1y"
                },
                {
                  "status": "affected",
                  "version": "17.6.1z"
                },
                {
                  "status": "affected",
                  "version": "17.6.3a"
                },
                {
                  "status": "affected",
                  "version": "17.6.4"
                },
                {
                  "status": "affected",
                  "version": "17.6.1z1"
                },
                {
                  "status": "affected",
                  "version": "17.6.5"
                },
                {
                  "status": "affected",
                  "version": "17.6.6"
                },
                {
                  "status": "affected",
                  "version": "17.6.6a"
                },
                {
                  "status": "affected",
                  "version": "17.6.5a"
                },
                {
                  "status": "affected",
                  "version": "17.7.1"
                },
                {
                  "status": "affected",
                  "version": "17.7.1a"
                },
                {
                  "status": "affected",
                  "version": "17.7.1b"
                },
                {
                  "status": "affected",
                  "version": "17.7.2"
                },
                {
                  "status": "affected",
                  "version": "17.10.1"
                },
                {
                  "status": "affected",
                  "version": "17.10.1a"
                },
                {
                  "status": "affected",
                  "version": "17.10.1b"
                },
                {
                  "status": "affected",
                  "version": "17.8.1"
                },
                {
                  "status": "affected",
                  "version": "17.8.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1"
                },
                {
                  "status": "affected",
                  "version": "17.9.1w"
                },
                {
                  "status": "affected",
                  "version": "17.9.2"
                },
                {
                  "status": "affected",
                  "version": "17.9.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1x"
                },
                {
                  "status": "affected",
                  "version": "17.9.1y"
                },
                {
                  "status": "affected",
                  "version": "17.9.3"
                },
                {
                  "status": "affected",
                  "version": "17.9.2a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1x1"
                },
                {
                  "status": "affected",
                  "version": "17.9.3a"
                },
                {
                  "status": "affected",
                  "version": "17.9.4"
                },
                {
                  "status": "affected",
                  "version": "17.9.1y1"
                },
                {
                  "status": "affected",
                  "version": "17.9.5"
                },
                {
                  "status": "affected",
                  "version": "17.9.4a"
                },
                {
                  "status": "affected",
                  "version": "17.9.5a"
                },
                {
                  "status": "affected",
                  "version": "17.9.5b"
                },
                {
                  "status": "affected",
                  "version": "17.11.1"
                },
                {
                  "status": "affected",
                  "version": "17.11.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1"
                },
                {
                  "status": "affected",
                  "version": "17.12.1w"
                },
                {
                  "status": "affected",
                  "version": "17.12.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.2"
                },
                {
                  "status": "affected",
                  "version": "17.12.2a"
                },
                {
                  "status": "affected",
                  "version": "17.13.1"
                },
                {
                  "status": "affected",
                  "version": "17.13.1a"
                },
                {
                  "status": "affected",
                  "version": "17.11.99SW"
                }
              ]
            },
            {
              "product": "Cisco IOS XE Catalyst SD-WAN",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "17.5.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.1a"
                },
                {
                  "status": "affected",
                  "version": "17.6.2"
                },
                {
                  "status": "affected",
                  "version": "17.6.4"
                },
                {
                  "status": "affected",
                  "version": "17.7.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.1a"
                },
                {
                  "status": "affected",
                  "version": "17.9.2a"
                },
                {
                  "status": "affected",
                  "version": "17.9.3a"
                },
                {
                  "status": "affected",
                  "version": "17.9.4"
                },
                {
                  "status": "affected",
                  "version": "17.8.1a"
                },
                {
                  "status": "affected",
                  "version": "17.10.1a"
                },
                {
                  "status": "affected",
                  "version": "17.11.1a"
                },
                {
                  "status": "affected",
                  "version": "17.12.1a"
                },
                {
                  "status": "affected",
                  "version": "17.13.1a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\n\r Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-371",
                  "description": "State Issues",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-25T16:27:24.944Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-sdwan-utd-dos-hDATqxs",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sdwan-utd-dos-hDATqxs",
            "defects": [
              "CSCwi07137"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20455",
        "datePublished": "2024-09-25T16:18:50.066Z",
        "dateReserved": "2023-11-08T15:08:07.679Z",
        "dateUpdated": "2024-09-25T19:47:05.368Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20035 (GCVE-0-2023-20035)

    Vulnerability from cvelistv5 – Published: 2023-03-23 00:00 – Updated: 2024-10-28 16:32
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2023-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.562Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20230322 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20035",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-28T16:19:23.522101Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-28T16:32:57.941Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2023-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-146",
                  "description": "CWE-146",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-23T00:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20230322 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ios-xe-sdwan-VQAhEjYw",
            "defect": [
              [
                "CSCvx72976",
                "CSCwc41942"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20035",
        "datePublished": "2023-03-23T00:00:00.000Z",
        "dateReserved": "2022-10-27T00:00:00.000Z",
        "dateUpdated": "2024-10-28T16:32:57.941Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20850 (GCVE-0-2022-20850)

    Vulnerability from cvelistv5 – Published: 2022-09-30 18:46 – Updated: 2024-11-01 18:50
    VLAI
    Title
    Cisco SD-WAN Arbitrary File Deletion Vulnerability
    Summary
    A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2022-09-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:24:50.267Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20850",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-01T18:40:31.320155Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-01T18:50:42.028Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco SD-WAN Solution",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2022-09-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-30T18:46:05.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-arb-file-delete-VB2rVcQv",
            "defect": [
              [
                "CSCvm25943"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco SD-WAN Arbitrary File Deletion Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2022-09-28T16:00:00",
              "ID": "CVE-2022-20850",
              "STATE": "PUBLIC",
              "TITLE": "Cisco SD-WAN Arbitrary File Deletion Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco SD-WAN Solution",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.5",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-arb-file-delete-VB2rVcQv",
              "defect": [
                [
                  "CSCvm25943"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20850",
        "datePublished": "2022-09-30T18:46:05.246Z",
        "dateReserved": "2021-11-02T00:00:00.000Z",
        "dateUpdated": "2024-11-01T18:50:42.028Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1529 (GCVE-0-2021-1529)

    Vulnerability from cvelistv5 – Published: 2021-10-21 02:45 – Updated: 2024-11-07 21:47
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-10-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.673Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1529",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:42:50.706618Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:47:38.698Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-10-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-10-21T02:45:10.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sd-wan-rhpbE34A",
            "defect": [
              [
                "CSCvx50713"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-10-20T16:00:00",
              "ID": "CVE-2021-1529",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "7.8",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-78"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20211020 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-sd-wan-rhpbE34A",
              "defect": [
                [
                  "CSCvx50713"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1529",
        "datePublished": "2021-10-21T02:45:10.183Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:47:38.698Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1619 (GCVE-0-2021-1619)

    Vulnerability from cvelistv5 – Published: 2021-09-23 02:30 – Updated: 2024-11-07 21:57
    VLAI
    Title
    Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability
    Summary
    A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:18:11.250Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1619",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:55:52.696954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:57:46.001Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-824",
                  "description": "CWE-824",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:30:55.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
            }
          ],
          "source": {
            "advisory": "cisco-sa-aaa-Yx47ZT8Q",
            "defect": [
              [
                "CSCvt53563"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-1619",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "9.8",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-824"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaa-Yx47ZT8Q"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-aaa-Yx47ZT8Q",
              "defect": [
                [
                  "CSCvt53563"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1619",
        "datePublished": "2021-09-23T02:30:56.078Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:57:46.001Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34729 (GCVE-0-2021-34729)

    Vulnerability from cvelistv5 – Published: 2021-09-23 02:26 – Updated: 2024-11-07 21:58
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:48.140Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-34729",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:43:01.874543Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:58:26.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:26:36.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ioxesdwan-clicmdinj-7bYX5k3",
            "defect": [
              [
                "CSCvw54120"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-34729",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.7",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxesdwan-clicmdinj-7bYX5k3"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-ioxesdwan-clicmdinj-7bYX5k3",
              "defect": [
                [
                  "CSCvw54120"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-34729",
        "datePublished": "2021-09-23T02:26:36.609Z",
        "dateReserved": "2021-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:58:26.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34727 (GCVE-0-2021-34727)

    Vulnerability from cvelistv5 – Published: 2021-09-23 02:26 – Updated: 2024-11-07 21:58
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability
    Summary
    A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:48.130Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-34727",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:55:54.920129Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:58:32.363Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:26:30.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
            }
          ],
          "source": {
            "advisory": "cisco-sa-iosxesdwan-rbuffover-vE2OB6tp",
            "defect": [
              [
                "CSCvt49022"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-34727",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "9.8",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-120"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-rbuffover-vE2OB6tp"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-iosxesdwan-rbuffover-vE2OB6tp",
              "defect": [
                [
                  "CSCvt49022"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-34727",
        "datePublished": "2021-09-23T02:26:30.919Z",
        "dateReserved": "2021-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:58:32.363Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34725 (GCVE-0-2021-34725)

    Vulnerability from cvelistv5 – Published: 2021-09-23 02:26 – Updated: 2024-11-07 21:58
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:48.128Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-34725",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:43:04.850695Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:58:45.239Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:26:19.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sdwan-maapi-privesc-KSUg7QSS",
            "defect": [
              [
                "CSCvu26766"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-34725",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Command Injection Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.7",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE SD-WAN Software Command Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-maapi-privesc-KSUg7QSS"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-sdwan-maapi-privesc-KSUg7QSS",
              "defect": [
                [
                  "CSCvu26766"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-34725",
        "datePublished": "2021-09-23T02:26:19.249Z",
        "dateReserved": "2021-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:58:45.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34724 (GCVE-0-2021-34724)

    Vulnerability from cvelistv5 – Published: 2021-09-23 02:26 – Updated: 2024-11-07 21:58
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability
    Summary
    A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:19:48.119Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-34724",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:43:06.198044Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T21:58:53.498Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE SD-WAN Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-23T02:26:13.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-iosxesdwan-privesc-VP4FG3jD",
            "defect": [
              [
                "CSCvw54117"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-09-22T16:00:00",
              "ID": "CVE-2021-34724",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE SD-WAN Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.0",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-284"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210922 Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxesdwan-privesc-VP4FG3jD"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-iosxesdwan-privesc-VP4FG3jD",
              "defect": [
                [
                  "CSCvw54117"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-34724",
        "datePublished": "2021-09-23T02:26:14.010Z",
        "dateReserved": "2021-06-15T00:00:00.000Z",
        "dateUpdated": "2024-11-07T21:58:53.498Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1371 (GCVE-0-2021-1371)

    Vulnerability from cvelistv5 – Published: 2021-03-24 20:15 – Updated: 2024-11-08 23:31
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability
    Summary
    A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-03-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.024Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1371",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:19:29.781002Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-08T23:31:47.381Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-03-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-03-24T20:15:51.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sdwan-esc-rSNVvTf9",
            "defect": [
              [
                "CSCvv43400"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-03-24T16:00:00",
              "ID": "CVE-2021-1371",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulnerability occurs because the default configuration is applied for console authentication and authorization. An attacker could exploit this vulnerability by connecting to the console port and authenticating as a read-only user. A successful exploit could allow a user with read-only permissions to access administrative privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.6",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-269"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210324 Cisco IOS XE SD-WAN Software Console Privilege Escalation Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-sdwan-esc-rSNVvTf9",
              "defect": [
                [
                  "CSCvv43400"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1371",
        "datePublished": "2021-03-24T20:15:51.816Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-08T23:31:47.381Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1383 (GCVE-0-2021-1383)

    Vulnerability from cvelistv5 – Published: 2021-03-24 20:07 – Updated: 2024-11-08 17:53
    VLAI
    Title
    Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities
    Summary
    Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2021-03-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:16.884Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1383",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T17:53:18.298543Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-08T17:53:28.997Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IOS XE Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-03-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-22T16:14:02.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
            }
          ],
          "source": {
            "advisory": "cisco-sa-xesdwpinj-V4weeqzU",
            "defect": [
              [
                "CSCvk59304",
                "CSCvw64834"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-03-24T16:00:00",
              "ID": "CVE-2021-1383",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IOS XE Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.0",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210324 Cisco IOS XE SD-WAN Software Parameter Injection Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU"
                },
                {
                  "name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r",
                  "refsource": "MISC",
                  "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-vw54-f9mw-g46r"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-xesdwpinj-V4weeqzU",
              "defect": [
                [
                  "CSCvk59304",
                  "CSCvw64834"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1383",
        "datePublished": "2021-03-24T20:07:41.020Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-08T17:53:28.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }