Rewterz Threat Advisory – Multiple Juniper OS Security Vulnerabilities
January 20, 2021Rewterz Threat Advisory – CVE-2021-1301 – Cisco SD-WAN denial of service
January 21, 2021Rewterz Threat Advisory – Multiple Juniper OS Security Vulnerabilities
January 20, 2021Rewterz Threat Advisory – CVE-2021-1301 – Cisco SD-WAN denial of service
January 21, 2021Severity
High
Analysis Summary
CVE-2021-1272
Cisco Data Center Network Manager (DCNM) is vulnerable to server-side request forgery, caused by improper validation of parameters in a specific HTTP request. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to conduct SSRF attack to bypass access controls and gain unauthorized access to the Device Manager application.
Impact
Gain access
Affected Vendors
Cisco
Affected Products
Cisco Data Center Network Manager
Remediation
Refer to Cisco advisory for the complete list of affected products and their respective patches.