CVE-2021-1465

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 18, 2024
CWE ID 20

Summary

CVE-2021-1465 is a vulnerability affecting Cisco SD-WAN vManage Software. An authenticated attacker can exploit this issue by sending a maliciously crafted HTTP request containing directory traversal character sequences. This vulnerability, resulting from insufficient validation of HTTP requests, permits the attacker to gain read access to sensitive files and potentially write arbitrary files on the affected system. Successful exploitation could lead to serious security consequences.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Cisco Catalyst SD-WAN Manager

Affected Vendors

  • Cisco Systems Inc