CVE-2021-1301

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*
cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*
cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vmanage:-:*:*:*:*:*:*:*

History

05 Aug 2022, 18:28

Type Values Removed Values Added
CWE CWE-120
CWE-119
CWE-20

27 Jan 2021, 20:56

Type Values Removed Values Added
CWE CWE-120
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
References (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj - (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj - Vendor Advisory
CPE cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vmanage:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*

26 Jan 2021, 18:16

Type Values Removed Values Added
Summary Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

20 Jan 2021, 20:25

Type Values Removed Values Added
New CVE

Information

Published : 2021-01-20 20:15

Updated : 2022-08-05 18:28


NVD link : CVE-2021-1301

Mitre link : CVE-2021-1301


JSON object : View

Products Affected

cisco

  • vedge_5000_router
  • vedge_100_router
  • sd-wan_vsmart_controller_firmware
  • vedge_100m_router
  • vedge_100b_router
  • sd-wan_firmware
  • vedge_1000_router
  • sd-wan_vbond_orchestrator
  • vedge_cloud_router
  • vedge_100wm_router
  • vedge_2000_router
  • ios_xe_sd-wan
  • sd-wan_vmanage
CWE
CWE-20

Improper Input Validation