Cisco Catalyst SD-WAN Manager up to 20.4.1.1 Web UI argument injection

Summaryinfo

A vulnerability labeled as critical has been found in Cisco Catalyst SD-WAN Manager. Impacted is an unknown function of the component Web UI. The manipulation results in argument injection. This vulnerability is cataloged as CVE-2021-1484. The attack may be launched remotely. There is no exploit available. The affected component should be upgraded.

Detailsinfo

A vulnerability was found in Cisco Catalyst SD-WAN Manager. It has been classified as critical. Affected is an unknown part of the component Web UI. The manipulation with an unknown input leads to a argument injection vulnerability. CWE is classifying the issue as CWE-88. The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string. This is going to have an impact on availability. CVE summarizes:

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service (DoS) condition. This vulnerability is due to improper input validation of user-supplied input to the device template configuration. An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to cause a DoS condition on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

The advisory is shared for download at sec.cloudapps.cisco.com. This vulnerability is traded as CVE-2021-1484 since 11/13/2020. The exploitability is told to be easy. It is possible to launch the attack remotely. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 08/04/2025). The MITRE ATT&CK project declares the attack technique as T1059.

Upgrading eliminates this vulnerability.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Network Management Software

Vendor

• Cisco

Name

• Catalyst SD-WAN Manager

Version

• 17.2.4
• 17.2.5
• 17.2.6
• 17.2.7
• 17.2.8
• 17.2.9
• 17.2.10
• 18.2.0
• 18.3.0
• 18.3.1
• 18.3.1.1
• 18.3.3
• 18.3.3.1
• 18.3.4
• 18.3.5
• 18.3.6
• 18.3.6.1
• 18.3.7
• 18.3.8
• 18.4.0
• 18.4.0.1
• 18.4.1
• 18.4.3
• 18.4.4
• 18.4.5
• 18.4.302
• 18.4.303
• 18.4.501_ES
• 19.0.0
• 19.0.1a
• 19.1.0
• 19.2.0
• 19.2.097
• 19.2.098
• 19.2.099
• 19.2.1
• 19.2.2
• 19.2.3
• 19.2.4
• 19.2.4.0.1
• 19.2.31
• 19.2.929
• 19.3.0
• 20.1.1
• 20.1.1.1
• 20.1.2
• 20.1.12
• 20.3.1
• 20.3.2
• 20.3.2.1
• 20.3.2.1_927
• 20.3.2.1_930
• 20.3.2_928
• 20.3.2_929
• 20.3.3
• 20.4.1
• 20.4.1.0.1
• 20.4.1.1

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Discussion