CVE-2021-1234

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vManage Software (affected versions not specified)

Description A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This issue is due to the absence of authentication for sensitive information in the cluster management interface. An attacker could exploit this vulnerability by sending a crafted request to the cluster management interface of an affected system, potentially allowing them to view sensitive information. The vulnerability is related to errors in privilege management.

Recommendations To resolve the issue, apply the software updates released by Cisco that address this vulnerability. At the moment, there is no information about additional mitigation measures or workarounds that address this vulnerability.