Rewterz Threat Advisory – Cisco Data Center Network Manager (DCNM) server-side request forgery
January 21, 2021Rewterz Threat Alert – Emotet -Fresh IOCs
January 21, 2021Rewterz Threat Advisory – Cisco Data Center Network Manager (DCNM) server-side request forgery
January 21, 2021Rewterz Threat Alert – Emotet -Fresh IOCs
January 21, 2021Severity
Medium
Analysis Summary
CVE-2021-1301
Cisco SD-WAN is vulnerable to a denial of service, caused by insufficient input validation of user-supplied input that is read by the system during the establishment of an SSH connection. By submitting a specially crafted file to be read, a remote authenticated attacker could overflow a buffer and cause a denial of service on the device.
Impact
Denial of service
Affected Vendors
Cisco
Affected Products
- Cisco SD-WAN vManage software
- Cisco IOS XE SD-WAN Software
- Cisco SD-WAN vEdge Cloud Routers
- Cisco SD-WAN vBond Orchestrator Software
- Cisco SD-WAN vEdge Routers
- Cisco SD-WAN vSmart Controller Software
Remediation
Refer to Cisco advisory for the complete list of affected products and their respective patches.