Cisco SD-WAN vManage Software Vulnerabilities

The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities.

Several of the vulnerabilities below only impact Cisco SD-WAN vManage Software that is operating in a cluster. Customers can verify whether the software is operating in cluster mode by checking the Cisco SD-WAN vManage web-based management interface Noble Park Administration > Shemonaīkha Cluster Management view. Customers should also refer to the Cisco SD-WAN Getting Started Guide chapter on Cluster Management.

Details about the vulnerabilities are as follows:

CVE-2021-1468: Cisco SD-WAN vManage Cluster Mode Unauthorized Message Processing Vulnerability

A vulnerability in a messaging service of Cisco SD-WAN vManage Software when operating in cluster mode could allow an unauthenticated, remote attacker to send unauthorized messages to the vulnerable application.

This vulnerability is due to improper authentication checks on user-supplied input to an application messaging service. An attacker could exploit this vulnerability by submitting crafted input to the service. A successful exploit could allow the attacker to call privileged actions within the affected system, including creating new administrative level user accounts.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Bug ID(s): CSCvu28454
CVE ID: CVE-2021-1468
Security Impact Rating (SIR): Critical
CVSS Base Score: 9.8
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-1505: Cisco SD-WAN vManage Cluster Mode Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software when operating in cluster mode could allow an authenticated, remote attacker to bypass authorization checking and gain elevated privileges within an affected system.

This vulnerability exists because the affected software does not perform authorization checks on certain operations. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to bypass authorization checks and gain elevated privileges within the affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Bug ID(s): CSCvu28390
CVE ID: CVE-2021-1505
Security Impact Rating (SIR): Critical
CVSS Base Score: 9.1
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2021-1508: Cisco SD-WAN vManage Cluster Mode Unauthorized Access Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software when operating in cluster mode could allow an authenticated, remote attacker to bypass authorization checking and make application modifications that could allow the attacker to gain elevated privileges within an affected system.
 
This vulnerability exists because the affected software does not perform authorization checks on certain operations. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to bypass authorization checks and gain elevated privileges within the affected system.
 
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

CVE ID: CVE-2021-1508

Security Impact Rating (SIR): High

CVSS Base Score: 8.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVE-2021-1275: Cisco SD-WAN vManage Denial of Service Vulnerability

A vulnerability in an API of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected system.

The vulnerability is due to insufficient handling of API requests to the affected system. An attacker could exploit this vulnerability by sending a large amount of API requests to the affected system. A successful exploit could allow the attacker to cause a DoS condition on the affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Bug ID(s): CSCvv67264
CVE ID: CVE-2021-1275
Security Impact Rating (SIR): High
CVSS Base Score: 7.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2021-1506: Cisco SD-WAN vManage Cluster Mode Unauthorized Services Access Vulnerability

A vulnerability in a service of Cisco SD-WAN vManage Software when operating in cluster mode could allow an authenticated, remote attacker to gain unauthorized access to services within an affected system.
 
This vulnerability exists because the affected software does not perform authorization checks on service access. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to bypass authorization checks and gain unauthorized access to services within the affected system.
 
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Bug ID(s): CSCvu28402
CVE ID: CVE-2021-1506
Security Impact Rating (SIR): High
CVSS Base Score: 7.2
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-1783 : TOTOLINK LR1200GB 9.1.0U.6619_B20230130/9.3.5U.6698_B20230810 WEB INTERFACE /CGI-BIN/CSTECGI.CGI LOGINAUTH HTTP_HOST STACK-BASED OVERFLOW

CVE-2024-1783 : TOTOLINK LR1200GB 9.1.0U.6619_B20230130/9.3.5U.6698_B20230810 WEB INTERFACE /CGI-BIN/CSTECGI.CGI LOGINAUTH HTTP_HOST STACK-BASED OVERFLOW

Description A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130/9.3.5u.6698_B20230810. Affected is the function loginAuth of the

CVE-2024-1451 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.9.0 USER PROFILE PAGE CROSS SITE SCRIPTING

CVE-2024-1451 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.9.0 USER PROFILE PAGE CROSS SITE SCRIPTING

Description An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.1. A crafted payload

CVE-2023-52439 : LINUX KERNEL UP TO 6.7.0 UIO IDR_FIND USE AFTER FREE

CVE-2023-52439 : LINUX KERNEL UP TO 6.7.0 UIO IDR_FIND USE AFTER FREE

Description In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ——————————————————- uio_unregister_device