CVE-2020-26071

high

Description

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation for specific commands. An attacker could exploit this vulnerability by including crafted arguments to those specific commands. A successful exploit could allow the attacker to create or overwrite arbitrary files on the affected device, which could result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns

Details

Source: Mitre, NVD

Published: 2024-11-18

Updated: 2024-11-18

Risk Information

CVSS v2

Base Score: 6.2

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

Severity: High

Detections

Analytics