Published: 08/04/2021 Updated: 07/11/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote malicious user to execute arbitrary code or allow an authenticated, local malicious user to gain escalated privileges on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco sd-wan vmanage
cisco catalyst sd-wan manager

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system For more information about these vulnerabilities, see the Details section of this advisory Cisco has released software upda ...

PoC materials to exploit the CVE-2021-1480 on Cico SD-WAN.

Exploit for CVE-2021-1480 (SD-WAN) PoC materials to exploit the CVE-2021-1480 on Cico SD-WAN The full publicaiton is available on XMCO website : blogxmcofr/wp-content/uploads/2021/08/XMCO-SDWAN_Report-CVE-2021-1480pdf Usage: update Lines 173 and 176 to set the uid of the current user Start the proxy: python cve-2021-1480py -L 4564 127001 4565 Start the confd_

CWE-20 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy https://nvd.nist.gov https://github.com/xmco/sdwan-cve-2021-1480 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy

CVE-2021-1480

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect