CVE-2021-1141

Name of the Vulnerable Software and Affected Versions: Cisco Smart Software Manager Satellite (affected versions not specified) Cisco Smart Software Manager On-Prem (affected versions not specified)

Description: The issue is related to multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite and Cisco Smart Software Manager On-Prem. These vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability in Cisco Smart Software Manager On-Prem is associated with insufficient input validation, which can be exploited by a remote attacker to execute arbitrary commands with root privileges.

Recommendations: For Cisco Smart Software Manager Satellite, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Cisco Smart Software Manager On-Prem, at the moment, there is no information about a newer version that contains a fix for this vulnerability.