PT-2021-2862 · Cisco · Cisco Sd-Wan Vmanage
Julien Legras
+1
·
Published
2021-04-21
·
Updated
2025-08-04
·
CVE-2021-1484
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco SD-WAN vManage Software (affected versions not specified)
Description
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service (DoS) condition. This is due to improper input validation of user-supplied input to the device template configuration. An attacker could exploit this by submitting crafted input to the device template configuration, potentially causing a DoS condition on the affected system.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Argument Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Sd-Wan Vmanage