Lucene search

K
cve[email protected]CVE-2021-1513
HistoryMay 06, 2021 - 1:15 p.m.

CVE-2021-1513

2021-05-0613:15:10
CWE-20
web.nvd.nist.gov
34
vulnerability
vdaemon
cisco
sd-wan
software
remote attacker
device reload
dos

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

52.7%

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Affected configurations

NVD
Node
ciscocatalyst_sd-wan_managerRange<20.3.1
OR
ciscocatalyst_sd-wan_managerRange20.420.4.1
OR
ciscocatalyst_sd-wan_managerRange20.520.5.1
OR
ciscosd-wan_vbond_orchestratorMatch-
Node
ciscovsmart_controller_firmwareMatch-
AND
ciscovsmart_controllerMatch-
Node
ciscovedge_100_firmwareMatch-
AND
ciscovedge_100Match-
Node
ciscovedge_1000_firmwareMatch-
AND
ciscovedge_1000Match-
Node
ciscovedge_100b_firmwareMatch-
AND
ciscovedge_100bMatch-
Node
ciscovedge_100m_firmwareMatch-
AND
ciscovedge_100mMatch-
Node
ciscovedge_100wm_firmwareMatch-
AND
ciscovedge_100wmMatch-
Node
ciscovedge_2000_firmwareMatch-
AND
ciscovedge_2000Match-
Node
ciscovedge_5000_firmwareMatch-
AND
ciscovedge_5000Match-
Node
ciscovedge-100b_firmwareMatch-
AND
ciscovedge-100bMatch-
Node
ciscovedge_cloud_firmwareMatch-
AND
ciscovedge_cloudMatch-

CNA Affected

[
  {
    "product": "Cisco SD-WAN Solution ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

52.7%

Related for CVE-2021-1513