cisco-sa-sdwan-dosmulti-48jJuEUP: Cisco SD-WAN Denial of Service Vulnerabilities
First published: Wed Jan 20 2021(Updated: )
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP
Credit: CVE-2021-1273: This vulnerability was found by Joseph Connor Cisco during internal security testingCVE-2021-1274: This vulnerability was found by Arthur Vidineyev Cisco during internal security testingCVE-2021-1278: This vulnerability was found by Andrew Kim Cisco during internal security testingCVE-2021-1279: CVE-2021-1241: This vulnerability were found during the resolution a Cisco TAC support case
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SD-WAN Solution | =20.4<20.4.1=20.3<20.3.1>=19.3<=20.1<20.1.2=19.2<19.2.4>=.3<18=18.3<=18.4<18.4.6 | 20.4.1 20.3.1 20.1.2 19.2.4 18.4.6 |
| Cisco IOS XE SD-WAN Releases | >=16.9=16.10=16.11<=16.12<16.12.4 | 16.12.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of cisco-sa-sdwan-dosmulti-48jJuEUP?
The severity of cisco-sa-sdwan-dosmulti-48jJuEUP is critical due to the potential for denial of service attacks.
How do I fix cisco-sa-sdwan-dosmulti-48jJuEUP?
To fix cisco-sa-sdwan-dosmulti-48jJuEUP, upgrade your affected Cisco SD-WAN and IOS XE SD-WAN products to the recommended software versions.
Which Cisco products are affected by cisco-sa-sdwan-dosmulti-48jJuEUP?
Affected products include various versions of Cisco SD-WAN and IOS XE SD-WAN releases.
Can cisco-sa-sdwan-dosmulti-48jJuEUP be exploited remotely?
Yes, cisco-sa-sdwan-dosmulti-48jJuEUP can be exploited by an unauthenticated remote attacker.
Is there a workaround for cisco-sa-sdwan-dosmulti-48jJuEUP?
There are no specific workarounds for cisco-sa-sdwan-dosmulti-48jJuEUP; updating the software is recommended.
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/title
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/cisco
- canonical/cisco sd-wan solution
- version/cisco sd-wan solution/20.4
- version/cisco sd-wan solution/20.3
- version/cisco sd-wan solution/19.3
- version/cisco sd-wan solution/20.1
- version/cisco sd-wan solution/19.2
- version/cisco sd-wan solution/.3
- version/cisco sd-wan solution/18.3
- version/cisco sd-wan solution/18.4
- canonical/cisco ios xe sd-wan releases
- version/cisco ios xe sd-wan releases/16.9
- version/cisco ios xe sd-wan releases/16.10
- version/cisco ios xe sd-wan releases/16.11
- version/cisco ios xe sd-wan releases/16.12