CVE-2021-1484

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 15, 2024
CWE ID 88

Summary

CVE-2021-1484 is a vulnerability affecting the web UI of Cisco SD-WAN vManage Software. This issue allows authenticated, remote attackers to inject arbitrary commands, resulting in a denial of service (DoS) condition. The root cause is improper input validation of user-supplied input to the device template configuration. Attackers can exploit this flaw by submitting crafted input to the system. The impact includes causing a DoS condition on the affected system, and there are currently no workarounds available. Cisco has released software updates to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Cisco Catalyst SD-WAN Manager

Affected Vendors

  • Cisco Systems Inc