CVE-2021-1482

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vManage Software (affected versions not specified)

Description The issue is related to errors in the authorization procedure of the Cisco SD-WAN vManage web interface. It allows a remote attacker to gain unauthorized access to protected information by sending specially crafted HTTP requests. This is due to insufficient authorization checks. An attacker could exploit this by sending crafted HTTP requests to the web-based management interface, potentially bypassing authorization checking and gaining access to sensitive information.

Recommendations For Cisco SD-WAN vManage Software, update to a version that includes the software updates released by Cisco to address this issue. As a temporary workaround, consider restricting access to the web-based management interface to minimize the risk of exploitation.