CVE-2021-1235

MEDIUM Year: 2021
CVSS v3 Score
5.5
Medium
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-497
View all →

Vulnerability Description

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. The vulnerability is due to insufficient user authorization. An attacker could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read database files from the filesystem of the underlying operating system.

Related Vulnerabilities

CVE-2021-1544

MEDIUM
CVSS:5.5(Medium)

A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. This vulnerability is due to unsafe ...

CWE-4972021

CVE-2021-23135

MEDIUM
CVSS:5.5(Medium)

Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD...

CWE-4972021

CVE-2022-28651

MEDIUM
CVSS:5.5(Medium)

In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields

CWE-4972022

CVE-2022-34458

MEDIUM
CVSS:5.5(Medium)

Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation ...

CWE-4972022

CVE-2023-50180

MEDIUM
CVSS:5.5(Medium)

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 7.4.1 and below, version 7.2.3 and below, version 7.1.4 and below, version 7.0...

CWE-4972023