CVE-2021-1274

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN products (affected versions not specified) Cisco IOS XE SD-WAN (affected versions not specified) Cisco SD-WAN vBond Orchestrator (affected versions not specified) Cisco SD-WAN vEdge Cloud Routers (affected versions not specified) Cisco SD-WAN vEdge Routers (affected versions not specified) Cisco SD-WAN vSmart Controller (affected versions not specified) Cisco SD-WAN vManage (affected versions not specified)

Description Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. The vulnerability is related to a buffer overflow in the UDP protocol implementation.

Recommendations For Cisco SD-WAN products, update to a version that includes the software updates released by Cisco to address these vulnerabilities. For Cisco IOS XE SD-WAN, update to a version that includes the software updates released by Cisco to address these vulnerabilities. For Cisco SD-WAN vBond Orchestrator, update to a version that includes the software updates released by Cisco to address these vulnerabilities. For Cisco SD-WAN vEdge Cloud Routers, update to a version that includes the software updates released by Cisco to address these vulnerabilities. For Cisco SD-WAN vEdge Routers, update to a version that includes the software updates released by Cisco to address these vulnerabilities. For Cisco SD-WAN vSmart Controller, update to a version that includes the software updates released by Cisco to address these vulnerabilities. For Cisco SD-WAN vManage, update to a version that includes the software updates released by Cisco to address these vulnerabilities.