CVE-2021-1513

06.05.2021, 13:15

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cisco	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 73%

Vendor	Product	Version
cisco	catalyst_sd-wan_manager	𝑥 < 20.3.1
cisco	catalyst_sd-wan_manager	20.4 ≤ 𝑥 < 20.4.1
cisco	catalyst_sd-wan_manager	20.5 ≤ 𝑥 < 20.5.1
cisco	sd-wan_vbond_orchestrator	-
cisco	vsmart_controller_firmware	-
cisco	vedge_100_firmware	-
cisco	vedge_1000_firmware	-
cisco	vedge_100b_firmware	-
cisco	vedge_100m_firmware	-
cisco	vedge_100wm_firmware	-
cisco	vedge_2000_firmware	-
cisco	vedge_5000_firmware	-
cisco	vedge-100b_firmware	-
cisco	vedge_cloud_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW