CVE-2021-1433

{"id": "CVE-2021-1433", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2021-03-24T20:15:14.603", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-buffover-CqdRWLc", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when the device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. The attacker must have a man-in-the-middle position between Cisco vManage and an associated device that is running an affected version of Cisco IOS XE SD-WAN Software. An exploit could allow the attacker to conduct a controllable buffer overflow attack (and possibly execute arbitrary commands as the root user) or cause a device reload, resulting in a denial of service (DoS) condition."}, {"lang": "es", "value": "Una vulnerabilidad en el proceso vDaemon en el Software Cisco IOS XE SD-WAN, podr\u00eda permitir a un atacante remoto no autenticado causar un desbordamiento del b\u00fafer en un dispositivo afectado. Esta vulnerabilidad es debido a la comprobaci\u00f3n de l\u00edmites insuficiente cuando el dispositivo procesa el tr\u00e1fico. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico dise\u00f1ado al dispositivo. El atacante debe tener una posici\u00f3n de man-in-the-middle entre Cisco vManage y un dispositivo asociado que est\u00e9 ejecutando una versi\u00f3n afectada del Software Cisco IOS XE SD-WAN. Una explotaci\u00f3n podr\u00eda permitir al atacante realizar un ataque de desbordamiento de b\u00fafer controlable (y posiblemente ejecutar comandos arbitrarios como usuario root) o causar una recarga del dispositivo, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)"}], "lastModified": "2023-11-07T03:28:18.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1xbs:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BF22C29-84DF-44CA-B574-FE04AB39E344"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2xbs:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2C7C0BA-D618-4B65-B42C-43393167EEE0"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65FC3CC1-CF4F-4A2D-A500-04395AFE8B47"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1za:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "027200FC-8AD4-47E4-A404-490AE4F997EC"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}