Synced 16 Jun 2026 15:24 UTC Account
← All products

CVE-2021-1482

MEDIUM severity · CVSS 6.4 · Improper input validation
6.4CVSS MEDIUM

Summary

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain access to sensitive information on an affected system. This vulnerability is due to insufficient authorization checks. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to bypass authorization checking and gain access to sensitive information on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Impact & exploitability

Attack vectorNetwork
Attack complexityLow
Privileges requiredLow
User interactionNone
Confidentiality impactLow
Integrity impactLow
Availability impactNone
Exploit probability (EPSS)1%

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Affected products we track (1)

Catalyst SD-WAN Manager

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Additional information