What is the severity of cisco-sa-sdwan-dos-Ckn5cVqW?

The severity of cisco-sa-sdwan-dos-Ckn5cVqW is classified as high due to its potential to cause a denial of service condition.

How do I fix cisco-sa-sdwan-dos-Ckn5cVqW?

To fix cisco-sa-sdwan-dos-Ckn5cVqW, upgrade to an unaffected version of Cisco SD-WAN software.

What type of vulnerability is cisco-sa-sdwan-dos-Ckn5cVqW?

cisco-sa-sdwan-dos-Ckn5cVqW is a denial of service (DoS) vulnerability.

What causes the cisco-sa-sdwan-dos-Ckn5cVqW vulnerability?

The cisco-sa-sdwan-dos-Ckn5cVqW vulnerability is caused by insufficient handling of malformed packets in the vDaemon process.

Who is affected by cisco-sa-sdwan-dos-Ckn5cVqW?

Organizations using Cisco SD-WAN software versions 20.5.1, 20.4.1, and earlier versions are affected by cisco-sa-sdwan-dos-Ckn5cVqW.

Vulnerability/
cisco-sa-sdwan-dos-Ckn5cVqW

high

7.5

CWE

5/5/2021

cisco-sa-sdwan-dos-Ckn5cVqW: Cisco SD-WAN Software vDaemon Denial of Service Vulnerability

First published: Wed May 05 2021(Updated: )

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW

Credit: This vulnerability was found by James Spadaro the Cisco Advanced Security Initiatives Group during internal security testing

Affected Software	Affected Version	How to fix
Cisco SD-WAN Solution	=20.5<20.5.1=20.4<20.4.1>=.4<18=18.4=19.2=19.3=20.1<=20.3<20.3.1	20.5.1 20.4.1 20.3.1

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2021-1513

Frequently Asked Questions

What is the severity of cisco-sa-sdwan-dos-Ckn5cVqW?
The severity of cisco-sa-sdwan-dos-Ckn5cVqW is classified as high due to its potential to cause a denial of service condition.
How do I fix cisco-sa-sdwan-dos-Ckn5cVqW?
To fix cisco-sa-sdwan-dos-Ckn5cVqW, upgrade to an unaffected version of Cisco SD-WAN software.
What type of vulnerability is cisco-sa-sdwan-dos-Ckn5cVqW?
cisco-sa-sdwan-dos-Ckn5cVqW is a denial of service (DoS) vulnerability.
What causes the cisco-sa-sdwan-dos-Ckn5cVqW vulnerability?
The cisco-sa-sdwan-dos-Ckn5cVqW vulnerability is caused by insufficient handling of malformed packets in the vDaemon process.
Who is affected by cisco-sa-sdwan-dos-Ckn5cVqW?
Organizations using Cisco SD-WAN software versions 20.5.1, 20.4.1, and earlier versions are affected by cisco-sa-sdwan-dos-Ckn5cVqW.

agent/type
agent/last-modified-date
agent/first-publish-date
agent/severity
agent/references
agent/title
agent/author
agent/weakness
agent/description
agent/event
collector/cisco-advisory
source/Cisco
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
agent/source
vendor/cisco
canonical/cisco sd-wan solution
version/cisco sd-wan solution/20.5
version/cisco sd-wan solution/20.4
version/cisco sd-wan solution/.4
version/cisco sd-wan solution/18.4
version/cisco sd-wan solution/19.2
version/cisco sd-wan solution/19.3
version/cisco sd-wan solution/20.1
version/cisco sd-wan solution/20.3