CVE-2021-1589

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vManage Software (affected versions not specified)

Description The issue is related to insufficient protection of registration data in the disaster recovery feature of Cisco SD-WAN vManage Software. This could allow a remote attacker to gain unauthorized access to user credentials by sending a specially crafted request to an API endpoint, such as "/api/v1/login" or "/users/{id}". The vulnerability exists because access to API endpoints is not properly restricted, potentially allowing an attacker to exploit it and gain access to administrative credentials.

Recommendations For Cisco SD-WAN vManage Software, consider restricting access to API endpoints until a patch is available. As a temporary workaround, avoid using sensitive username and password variables in affected API endpoints. Restrict access to administrative credentials to minimize the risk of exploitation.