Cisco SD-WAN vManage Software Vulnerability Could Lead to Denial of Service
CVE-2021-1484
6.5MEDIUM
What is CVE-2021-1484?
A vulnerability in the web UI of Cisco SD-WAN vManage Software enables an authenticated, remote attacker to inject arbitrary commands into the device template configuration. This issue arises from improper input validation of user-supplied data. By exploiting this weakness through crafted input, an attacker can potentially induce a denial of service condition on the impacted system, disrupting service availability. Cisco has released software updates to remediate this vulnerability, with no alternative workarounds available.
Affected Version(s)
Cisco Catalyst SD-WAN Manager 20.1.12
Cisco Catalyst SD-WAN Manager 19.2.1
Cisco Catalyst SD-WAN Manager 18.4.4