How severe is CVE-2021-34700?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2021-34700?

This is classified as CWE-522, which is a common weakness in software security.

CVE-2021-34700 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This vulnerability exists because access to sensitive information on an affected system is not sufficiently controlled. An attacker could exploit this vulnerability by gaining unauthorized access to sensitive information on an affected system. A successful exploit could allow the attacker to create forged authentication requests and gain unauthorized access to the web UI of an affected system.

Related Vulnerabilities

CVE-2010-4178

MEDIUM

CVSS:5.5(Medium)

MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console

CWE-5222010

CVE-2012-5527

MEDIUM

CVSS:5.5(Medium)

Claws Mail vCalendar plugin: credentials exposed on interface

CWE-5222012

CVE-2013-4423

MEDIUM

CVSS:5.5(Medium)

CloudForms stores user passwords in recoverable format

CWE-5222013

CVE-2014-0241

MEDIUM

CVSS:5.5(Medium)

rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable

CWE-5222014

CVE-2014-1423

MEDIUM

CVSS:5.5(Medium)

signond before 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the sig...

CWE-5222014

CVE-2014-4659

MEDIUM

CVSS:5.5(Medium)

Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "de...

CWE-5222014