How severe is CVE-2021-1436?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2021-1436?

This is classified as CWE-22, which is a common weakness in software security.

CVE-2021-1436 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.

Related Vulnerabilities

CVE-2019-15266

MEDIUM

CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to imp...

CWE-222019

CVE-2019-1835

MEDIUM

CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanit...

CWE-222019

CVE-2021-44111

MEDIUM

CVSS:4.4(Medium)

A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup.

CWE-222021

CVE-2022-20449

MEDIUM

CVSS:4.4(Medium)

In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execu...

CWE-222022

CVE-2022-22821

MEDIUM

CVSS:4.4(Medium)

NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.

CWE-222022

CVE-2023-24804

MEDIUM

CVSS:4.4(Medium)

The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two byp...

CWE-222023