Lucene search

K
cve[email protected]CVE-2021-1513
HistoryMay 06, 2021 - 1:15 p.m.

CVE-2021-1513

2021-05-0613:15:10
CWE-20
web.nvd.nist.gov
33
vulnerability
vdaemon
cisco
sd-wan
software
remote attacker
device reload
dos

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

52.6%

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Affected configurations

NVD
Node
ciscocatalyst_sd-wan_managerRange<20.3.1
OR
ciscocatalyst_sd-wan_managerRange20.420.4.1
OR
ciscocatalyst_sd-wan_managerRange20.520.5.1
OR
ciscosd-wan_vbond_orchestratorMatch-
Node
ciscovsmart_controller_firmwareMatch-
AND
ciscovsmart_controllerMatch-
Node
ciscovedge_100_firmwareMatch-
AND
ciscovedge_100Match-
Node
ciscovedge_1000_firmwareMatch-
AND
ciscovedge_1000Match-
Node
ciscovedge_100b_firmwareMatch-
AND
ciscovedge_100bMatch-
Node
ciscovedge_100m_firmwareMatch-
AND
ciscovedge_100mMatch-
Node
ciscovedge_100wm_firmwareMatch-
AND
ciscovedge_100wmMatch-
Node
ciscovedge_2000_firmwareMatch-
AND
ciscovedge_2000Match-
Node
ciscovedge_5000_firmwareMatch-
AND
ciscovedge_5000Match-
Node
ciscovedge-100b_firmwareMatch-
AND
ciscovedge-100bMatch-
Node
ciscovedge_cloud_firmwareMatch-
AND
ciscovedge_cloudMatch-

CNA Affected

[
  {
    "product": "Cisco SD-WAN Solution ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

52.6%

Related for CVE-2021-1513