CVE-2021-1484

15.11.2024, 17:15

A vulnerability in the web UI of Cisco&nbsp;SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service (DoS) condition.
This vulnerability is due to improper input validation of user-supplied input to the device template configuration. An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to cause a DoS condition on the affected system.Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Argument Injection

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
cisco	CNA	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/RL:X/RC:X/E:X
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 34%

Vendor	Product	Version
cisco	catalyst_sd-wan_manager	17.2.4
cisco	catalyst_sd-wan_manager	17.2.5
cisco	catalyst_sd-wan_manager	17.2.6
cisco	catalyst_sd-wan_manager	17.2.7
cisco	catalyst_sd-wan_manager	17.2.8
cisco	catalyst_sd-wan_manager	17.2.9
cisco	catalyst_sd-wan_manager	17.2.10
cisco	catalyst_sd-wan_manager	18.2.0
cisco	catalyst_sd-wan_manager	18.3.0
cisco	catalyst_sd-wan_manager	18.3.1
cisco	catalyst_sd-wan_manager	18.3.1.1
cisco	catalyst_sd-wan_manager	18.3.3
cisco	catalyst_sd-wan_manager	18.3.3.1
cisco	catalyst_sd-wan_manager	18.3.4
cisco	catalyst_sd-wan_manager	18.3.5
cisco	catalyst_sd-wan_manager	18.3.6
cisco	catalyst_sd-wan_manager	18.3.6.1
cisco	catalyst_sd-wan_manager	18.3.7
cisco	catalyst_sd-wan_manager	18.3.8
cisco	catalyst_sd-wan_manager	18.4.0
cisco	catalyst_sd-wan_manager	18.4.0.1
cisco	catalyst_sd-wan_manager	18.4.1
cisco	catalyst_sd-wan_manager	18.4.3
cisco	catalyst_sd-wan_manager	18.4.4
cisco	catalyst_sd-wan_manager	18.4.5
cisco	catalyst_sd-wan_manager	18.4.302
cisco	catalyst_sd-wan_manager	18.4.303
cisco	catalyst_sd-wan_manager	18.4.501_es:_es
cisco	catalyst_sd-wan_manager	19.0.0
cisco	catalyst_sd-wan_manager	19.0.1a:a
cisco	catalyst_sd-wan_manager	19.1.0
cisco	catalyst_sd-wan_manager	19.2.0
cisco	catalyst_sd-wan_manager	19.2.1
cisco	catalyst_sd-wan_manager	19.2.2
cisco	catalyst_sd-wan_manager	19.2.3
cisco	catalyst_sd-wan_manager	19.2.4
cisco	catalyst_sd-wan_manager	19.2.4.0.1
cisco	catalyst_sd-wan_manager	19.2.31
cisco	catalyst_sd-wan_manager	19.2.097
cisco	catalyst_sd-wan_manager	19.2.098
cisco	catalyst_sd-wan_manager	19.2.099
cisco	catalyst_sd-wan_manager	19.2.929
cisco	catalyst_sd-wan_manager	19.3.0
cisco	catalyst_sd-wan_manager	20.1.1
cisco	catalyst_sd-wan_manager	20.1.1.1
cisco	catalyst_sd-wan_manager	20.1.2
cisco	catalyst_sd-wan_manager	20.1.12
cisco	catalyst_sd-wan_manager	20.3.1
cisco	catalyst_sd-wan_manager	20.3.2
cisco	catalyst_sd-wan_manager	20.3.2.1
cisco	catalyst_sd-wan_manager	20.3.2.1_927:_927
cisco	catalyst_sd-wan_manager	20.3.2.1_930:_930
cisco	catalyst_sd-wan_manager	20.3.2_928:_928
cisco	catalyst_sd-wan_manager	20.3.2_929:_929
cisco	catalyst_sd-wan_manager	20.3.3
cisco	catalyst_sd-wan_manager	20.4.1
cisco	catalyst_sd-wan_manager	20.4.1.0.1
cisco	catalyst_sd-wan_manager	20.4.1.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
The software constructs a string for a command to executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-cmdinj-nRHKgfHX

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-info-disclos-gGvm9Mfu