CVE-2021-1484
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2021-1484 is a vulnerability affecting the web UI of Cisco SD-WAN vManage Software. This issue allows authenticated, remote attackers to inject arbitrary commands, resulting in a denial of service (DoS) condition. The root cause is improper input validation of user-supplied input to the device template configuration. Attackers can exploit this flaw by submitting crafted input to the system. The impact includes causing a DoS condition on the affected system, and there are currently no workarounds available. Cisco has released software updates to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Cisco Catalyst SD-WAN Manager
Affected Vendors
- Cisco Systems Inc