CVE-2021-1515

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. This vulnerability is due to improper access controls on API endpoints when Cisco SD-WAN vManage Software is running in multi-tenant mode. An attacker with access to a device that is managed in the multi-tenant environment could exploit this vulnerability by sending a request to an affected API endpoint on the vManage system. A successful exploit could allow the attacker to gain access to sensitive information that may include hashed credentials that could be used in future attacks.

CVSS v3 4.3 MEDIUM
CVSS v2.0 3.3 LOW

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

Vector : AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-vmanage-9VZO4gfU	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*

History

21 Oct 2022, 19:43

Type	Values Removed	Values Added
CWE	~~CWE-284~~	NVD-CWE-Other

14 May 2021, 13:16

Type	Values Removed	Values Added
References	~~(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-vmanage-9VZO4gfU -~~	(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-vmanage-9VZO4gfU - Vendor Advisory
CPE		cpe:2.3:a:cisco:sd-wan_vmanage::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 3.3 v3 : 4.3

06 May 2021, 13:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-05-06 13:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-1515

Mitre link : CVE-2021-1515

CVE.ORG link : CVE-2021-1515

JSON object : View

Products Affected

cisco

sd-wan_vmanage

CWE

NVD-CWE-Other CWE-284

Improper Access Control

{"id": "CVE-2021-1515", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2021-05-06T13:15:10.920", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-vmanage-9VZO4gfU", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. This vulnerability is due to improper access controls on API endpoints when Cisco SD-WAN vManage Software is running in multi-tenant mode. An attacker with access to a device that is managed in the multi-tenant environment could exploit this vulnerability by sending a request to an affected API endpoint on the vManage system. A successful exploit could allow the attacker to gain access to sensitive information that may include hashed credentials that could be used in future attacks."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco SD-WAN vManage Software, podr\u00eda permitir a un atacante adyacente no autenticado conseguir acceso a informaci\u00f3n confidencial. Esta vulnerabilidad es debido a controles de acceso incorrectos en los endpoints de la API cuando Cisco SD-WAN vManage Software se ejecuta en modo multi-tenant. Un atacante con acceso a un dispositivo administrado en el entorno de multi-tenant podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo una petici\u00f3n hacia un endpoint de la API afectado en el sistema vManage. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante obtener acceso a informaci\u00f3n confidencial que puede incluir credenciales hash que podr\u00edan ser usados en futuros ataques"}], "lastModified": "2023-11-07T03:28:29.533", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E88ABD08-4911-4D55-B2EA-6F9DFDFD54CA", "versionEndExcluding": "20.4.1"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}