CVE-2021-1305
Summary
| CVE | CVE-2021-1305 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-01-20 20:15:00 UTC |
| Updated | 2023-11-07 03:27:00 UTC |
| Description | Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory. |
Risk And Classification
Problem Types: CWE-863
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Cisco | Ios Xe Sd-wan | - | All | All | All |
| Operating System | Cisco | Ios Xe Sd-wan | - | All | All | All |
| Operating System | Cisco | Sd-wan Firmware | All | All | All | All |
| Operating System | Cisco | Sd-wan Firmware | 20.4.0 | All | All | All |
| Operating System | Cisco | Sd-wan Firmware | All | All | All | All |
| Operating System | Cisco | Sd-wan Firmware | 20.4.0 | All | All | All |
| Application | Cisco | Sd-wan Vbond Orchestrator | - | All | All | All |
| Application | Cisco | Sd-wan Vbond Orchestrator | - | All | All | All |
| Operating System | Cisco | Sd-wan Vsmart Controller Firmware | All | All | All | All |
| Operating System | Cisco | Sd-wan Vsmart Controller Firmware | All | All | All | All |
| Hardware | Cisco | Vedge 1000 Router | - | All | All | All |
| Hardware | Cisco | Vedge 1000 Router | - | All | All | All |
| Hardware | Cisco | Vedge 1000 Router | - | All | All | All |
| Hardware | Cisco | Vedge 100b Router | - | All | All | All |
| Hardware | Cisco | Vedge 100b Router | - | All | All | All |
| Hardware | Cisco | Vedge 100b Router | - | All | All | All |
| Hardware | Cisco | Vedge 100m Router | - | All | All | All |
| Hardware | Cisco | Vedge 100m Router | - | All | All | All |
| Hardware | Cisco | Vedge 100m Router | - | All | All | All |
| Hardware | Cisco | Vedge 100wm Router | - | All | All | All |
| Hardware | Cisco | Vedge 100wm Router | - | All | All | All |
| Hardware | Cisco | Vedge 100wm Router | - | All | All | All |
| Hardware | Cisco | Vedge 100 Router | - | All | All | All |
| Hardware | Cisco | Vedge 100 Router | - | All | All | All |
| Hardware | Cisco | Vedge 100 Router | - | All | All | All |
| Hardware | Cisco | Vedge 2000 Router | - | All | All | All |
| Hardware | Cisco | Vedge 2000 Router | - | All | All | All |
| Hardware | Cisco | Vedge 2000 Router | - | All | All | All |
| Hardware | Cisco | Vedge 5000 Router | - | All | All | All |
| Hardware | Cisco | Vedge 5000 Router | - | All | All | All |
| Hardware | Cisco | Vedge 5000 Router | - | All | All | All |
| Hardware | Cisco | Vedge Cloud Router | - | All | All | All |
| Hardware | Cisco | Vedge Cloud Router | - | All | All | All |
| Hardware | Cisco | Vedge Cloud Router | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco SD-WAN vManage Authorization Bypass Vulnerabilities | CISCO | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.