CVE-2021-1349

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vManage Software (affected versions not specified)

Description The issue is related to insufficient input validation by the web-based management interface, allowing an authenticated, remote attacker to conduct Cypher query language injection attacks. This could be achieved by sending crafted HTTP requests to the interface of an affected system, potentially resulting in the attacker obtaining sensitive information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.