What is CVE-2021-1299?

CVE-2021-1299 is a high-severity vulnerability in Cisco Sd-wan Solution, classified under Improper Input Validation. CVSS score: 8.1/10. Published 2021-01-20.

How severe is CVE-2021-1299?

High severity. CVSS v3 base score is 8.1 out of 10.

Improper input validation in Cisco Sd-wan Solution

CVE-2021-1299

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the dev…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.011 (78.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.

Affected products

Cisco Sd-wan Solution — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

20210120 Cisco SD-WAN Command Injection Vulnerabilities (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2021-1299?: CVE-2021-1299 is a high-severity vulnerability in Cisco Sd-wan Solution, classified under Improper Input Validation. CVSS score: 8.1/10. Published 2021-01-20.
How severe is CVE-2021-1299?: High severity. CVSS v3 base score is 8.1 out of 10.