Main Vulnerability Database Vulnerabilities #VU52484

#VU52484 Improper Authorization in Cisco SD-WAN vManage - CVE-2021-1482

Published: April 22, 2021

Vulnerability identifier: #VU52484

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2021-1482

CWE-ID: CWE-285

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco SD-WAN vManage

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists due to insufficient authorization checks. A remote authenticated attacker can send specially crafted HTTP requests to bypass authorization checking and gain access to sensitive information on the affected system.

Remediation

Install updates from vendor's website.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-auth-bypass-Z3Zze5XC

#VU52484 Improper Authorization in Cisco SD-WAN vManage - CVE-2021-1482

Description

Remediation

External links

Please verify you're human