How severe is CVE-2021-1514?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2021-1514?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2021-1514 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges.

Related Vulnerabilities

CVE-2015-5208

MEDIUM

CVSS:4.4(Medium)

Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.

CWE-202015

CVE-2015-7509

MEDIUM

CVSS:4.4(Medium)

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

CWE-202015

CVE-2015-8552

MEDIUM

CVSS:4.4(Medium)

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN message...

CWE-202015

CVE-2016-6246

MEDIUM

CVSS:4.4(Medium)

OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) d...

CWE-202016

CVE-2016-7907

MEDIUM

CVSS:4.4(Medium)

The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to...

CWE-202016

CVE-2017-0164

MEDIUM

CVSS:4.4(Medium)

A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Serv...

CWE-202017