var-202101-1015
Vulnerability from variot
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco SD-WAN The product contains a buffer error vulnerability.Denial of service (DoS) It may be put into a state. Cisco SD-WAN vEdge is a router from Cisco of the United States. This device can provide basic WAN, security and multi-cloud functions for Cisco SD-WAN solutions.
The VPN tunnel function of Cisco SD-WAN vEdge Router has a denial of service vulnerability. The vulnerability is caused by the program's failure to properly process malformed data packets. Remote attackers without authentication can send specially crafted data packets to the affected device. Exploit this vulnerability to cause the device to restart, resulting in a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202101-1015",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "19.2.1"
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "18.4.1"
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "20.1.0"
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "18.4.5"
},
{
"model": "catalyst sd-wan manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sd-wan vbond orchestrator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "19.2.99"
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3.5"
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "18.3.8"
},
{
"model": "ios xe sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "19.2.0"
},
{
"model": "sd-wan vsmart controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "19.2.2"
},
{
"model": "sd-wan",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "18.4.4"
},
{
"model": "cisco sd-wan vbond orchestrator",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sd-wan",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sd-wan vmanage",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco ios xe sd-wan",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sd-wan vsmart controller",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "sd-wan vedge routers",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"db": "NVD",
"id": "CVE-2021-1241"
}
]
},
"cve": "CVE-2021-1241",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-1241",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-15778",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-374295",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-1241",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-1241",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-1241",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-1241",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2021-1241",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-1241",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-15778",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202101-1620",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-374295",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-1241",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"db": "VULHUB",
"id": "VHN-374295"
},
{
"db": "VULMON",
"id": "CVE-2021-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1620"
},
{
"db": "NVD",
"id": "CVE-2021-1241"
},
{
"db": "NVD",
"id": "CVE-2021-1241"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco SD-WAN The product contains a buffer error vulnerability.Denial of service (DoS) It may be put into a state. Cisco SD-WAN vEdge is a router from Cisco of the United States. This device can provide basic WAN, security and multi-cloud functions for Cisco SD-WAN solutions. \n\r\n\r\nThe VPN tunnel function of Cisco SD-WAN vEdge Router has a denial of service vulnerability. The vulnerability is caused by the program\u0027s failure to properly process malformed data packets. Remote attackers without authentication can send specially crafted data packets to the affected device. Exploit this vulnerability to cause the device to restart, resulting in a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"db": "VULHUB",
"id": "VHN-374295"
},
{
"db": "VULMON",
"id": "CVE-2021-1241"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-1241",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1620",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2021-15778",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0241",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-374295",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-1241",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"db": "VULHUB",
"id": "VHN-374295"
},
{
"db": "VULMON",
"id": "CVE-2021-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1620"
},
{
"db": "NVD",
"id": "CVE-2021-1241"
}
]
},
"id": "VAR-202101-1015",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"db": "VULHUB",
"id": "VHN-374295"
}
],
"trust": 1.5558558666666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-15778"
}
]
},
"last_update_date": "2024-11-23T21:51:04.393000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sdwan-dosmulti-48jJuEUP",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP"
},
{
"title": "Patch for Cisco SD-WAN vEdge Router VPN Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/251581"
},
{
"title": "Cisco SD-WAN products Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139962"
},
{
"title": "Cisco: Cisco SD-WAN Denial of Service Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sdwan-dosmulti-48jJuEUP"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"db": "VULMON",
"id": "CVE-2021-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1620"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
},
{
"problemtype": "Buffer error (CWE-119) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-374295"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"db": "NVD",
"id": "CVE-2021-1241"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sdwan-dosmulti-48jjueup"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-1241"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0241/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/cisco-sd-wan-vedge-five-vulnerabilities-34396"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/195308"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"db": "VULHUB",
"id": "VHN-374295"
},
{
"db": "VULMON",
"id": "CVE-2021-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1620"
},
{
"db": "NVD",
"id": "CVE-2021-1241"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"db": "VULHUB",
"id": "VHN-374295"
},
{
"db": "VULMON",
"id": "CVE-2021-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1620"
},
{
"db": "NVD",
"id": "CVE-2021-1241"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"date": "2021-01-20T00:00:00",
"db": "VULHUB",
"id": "VHN-374295"
},
{
"date": "2021-01-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-1241"
},
{
"date": "2021-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"date": "2021-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-1620"
},
{
"date": "2021-01-20T21:15:12.100000",
"db": "NVD",
"id": "CVE-2021-1241"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-15778"
},
{
"date": "2021-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-374295"
},
{
"date": "2021-01-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-1241"
},
{
"date": "2021-09-27T09:06:00",
"db": "JVNDB",
"id": "JVNDB-2021-002620"
},
{
"date": "2021-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-1620"
},
{
"date": "2024-11-21T05:43:54.397000",
"db": "NVD",
"id": "CVE-2021-1241"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-1620"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Cisco\u00a0SD-WAN\u00a0 Buffer error vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002620"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-1620"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.