Vulnslist

find the latest Cisco vulnerabilities

Cisco SD-WAN vManage Authorization Bypass Vulnerabilities

cisco-sa-sdwan-abyp-TnGFHrS · High · Published · Updated

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

CVEsCVE-2021-1302, CVE-2021-1304, CVE-2021-1305
Cisco Bug IDsCSCvu28377, CSCvs11283, CSCvi59734
CVSS ScoreBase 8.8
Base 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Base 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Catalyst SD-WAN Manager

Related Products

Product CVE Evidence
Cisco SD-WAN CVE-2021-1305 Cisco OpenVuln
Cisco SD-WAN CVE-2021-1304 Cisco OpenVuln
Cisco SD-WAN CVE-2021-1302 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2021-1305 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2021-1304 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2021-1302 Cisco OpenVuln
Cisco Catalyst SD-WAN Software CVE-2021-1305 Cisco OpenVuln
Cisco Catalyst SD-WAN Software CVE-2021-1304 Cisco OpenVuln
Cisco Catalyst SD-WAN Software CVE-2021-1302 Cisco OpenVuln
Cisco SD-WAN vManage CVE-2021-1305 Cisco OpenVuln
Cisco SD-WAN vManage CVE-2021-1304 Cisco OpenVuln
Cisco SD-WAN vManage CVE-2021-1302 Cisco OpenVuln
Cisco Catalyst SD-WAN Manager CVE-2021-1305 Cisco OpenVuln
Cisco Catalyst SD-WAN Manager CVE-2021-1304 Cisco OpenVuln
Cisco Catalyst SD-WAN Manager CVE-2021-1302 Cisco OpenVuln
Cisco Catalyst SD-WAN CVE-2021-1305 Cisco OpenVuln
Cisco Catalyst SD-WAN CVE-2021-1304 Cisco OpenVuln
Cisco Catalyst SD-WAN CVE-2021-1302 Cisco OpenVuln