A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local malicious user to conduct path traversal attacks and obtain read access to sensitive files on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the malicious user to view arbitrary files on the affected system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios xe 16.12.1 |
||
cisco ios xe 16.11.1 |
||
cisco ios xe 17.1.1 |
||
cisco ios xe 16.11.1a |
||
cisco ios xe 16.12.1c |
||
cisco ios xe 16.12.1t |
||
cisco ios xe 16.11.2 |
||
cisco ios xe 16.12.1s |
||
cisco ios xe 16.12.1a |
||
cisco ios xe 16.12.1x |
||
cisco ios xe 16.11.1c |
||
cisco ios xe 16.11.1b |
||
cisco ios xe 16.11.1s |
||
cisco ios xe 16.12.1w |
||
cisco ios xe 16.12.1y |
||
cisco ios xe 16.12.2 |
||
cisco ios xe 16.12.2a |
||
cisco ios xe 16.12.4 |
||
cisco ios xe 16.12.3 |
||
cisco ios xe 17.2.1 |
||
cisco ios xe 17.1.1s |
||
cisco ios xe 16.12.2t |
||
cisco ios xe 17.1.1a |
||
cisco ios xe 16.12.2s |
||
cisco ios xe 16.12.3a |
||
cisco ios xe 17.1.1t |
||
cisco ios xe 17.2.1a |
||
cisco ios xe 3.15.2xbs |
||
cisco ios xe 17.2.1v |
||
cisco ios xe 16.12.1z |
||
cisco ios xe 16.12.3s |
||
cisco ios xe 3.15.1xbs |
||
cisco ios xe 17.2.1r |
||
cisco ios xe 17.1.2 |
||
cisco ios xe 16.12.4a |
||
cisco ios xe 17.2.2 |
||
cisco ios xe 16.12.1za |