First published: Thu Sep 23 2021(Updated: )
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exists because access to API endpoints is not properly restricted. An attacker could exploit this vulnerability by sending a request to an API endpoint. A successful exploit could allow the attacker to gain unauthorized access to administrative credentials that could be used in further attacks.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco SD-WAN | >=20.3<20.3.4 | |
Cisco SD-WAN | >=20.4<20.4.2 | |
Cisco SD-WAN | >=20.5<20.5.2 | |
Cisco SD-WAN | >=20.6<20.6.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-1589 is a vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software that allows an authenticated, remote attacker to gain unauthorized access to user credentials.
CVE-2021-1589 allows an attacker to exploit the vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software, resulting in unauthorized access to user credentials.
Yes, an attacker needs to be authenticated to exploit CVE-2021-1589 and gain unauthorized access to user credentials.
CVE-2021-1589 has a severity rating of 6.5 out of 10, indicating a medium-level vulnerability.
To fix CVE-2021-1589, it is recommended to apply the necessary patches or updates provided by Cisco.