CVE-2021-1305 - OpenCVE

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Vedge 100b Router Vedge Cloud Router Sd-wan Firmware Ios Xe Sd-wan Sd-wan Vsmart Controller Firmware Vedge 5000 Router Sd-wan Vbond Orchestrator Vedge 100 Router Vedge 2000 Router Vedge 100wm Router Vedge 1000 Router Vedge 100m Router

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:ios_xe_sd-wan:-:::::::*
	cpe:2.3:o:cisco:sd-wan_firmware::::::::
	cpe:2.3:o:cisco:sd-wan_firmware:20.4.0:::::::*
	cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware::::::::

OR	cpe:2.3:h:cisco:vedge_100_router:-:::::::*
	cpe:2.3:h:cisco:vedge_1000_router:-:::::::*
	cpe:2.3:h:cisco:vedge_100b_router:-:::::::*
	cpe:2.3:h:cisco:vedge_100m_router:-:::::::*
	cpe:2.3:h:cisco:vedge_100wm_router:-:::::::*
	cpe:2.3:h:cisco:vedge_2000_router:-:::::::*
	cpe:2.3:h:cisco:vedge_5000_router:-:::::::*
	cpe:2.3:h:cisco:vedge_cloud_router:-:::::::*

Configuration 2 [-]

cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2021-01-20T00:00:00

Updated: 2021-01-20T20:01:06

Reserved: 2020-11-13T00:00:00

Link: CVE-2021-1305

JSON object: View

NVD Information

Status : Modified

Published: 2021-01-20T20:15:17.207

Modified: 2023-11-07T03:27:55.187

Link: CVE-2021-1305

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Cisco SD-WAN vManage ", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2021-01-20T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-01-20T20:01:06", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20210120 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS"}], "source": {"advisory": "cisco-sa-sdwan-abyp-TnGFHrS", "defect": [["CSCvi59734", "CSCvs11283", "CSCvu28377"]], "discovery": "INTERNAL"}, "title": "Cisco SD-WAN vManage Authorization Bypass Vulnerabilities", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-01-20T16:00:00", "ID": "CVE-2021-1305", "STATE": "PUBLIC", "TITLE": "Cisco SD-WAN vManage Authorization Bypass Vulnerabilities"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco SD-WAN vManage ", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "}], "impact": {"cvss": {"baseScore": "8.8", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20210120 Cisco SD-WAN vManage Authorization Bypass Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS"}]}, "source": {"advisory": "cisco-sa-sdwan-abyp-TnGFHrS", "defect": [["CSCvi59734", "CSCvs11283", "CSCvu28377"]], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1305", "datePublished": "2021-01-20T00:00:00", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2021-01-20T20:01:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*", "matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADFA9DB8-3168-467D-8EE7-2368C072142E", "versionEndExcluding": "20.3.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "12CB625A-C638-414A-95F9-9E147C897C60", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*", "matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en la interfaz de administraci\u00f3n basada en web del Software Cisco SD-WAN vManage, podr\u00edan permitir a un atacante remoto autenticado omitir la autorizaci\u00f3n y modificar la configuraci\u00f3n de un sistema afectado, conseguir acceso a informaci\u00f3n confidencial y visualizar informaci\u00f3n para la que no est\u00e1 autorizado acceder. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"}], "id": "CVE-2021-1305", "lastModified": "2023-11-07T03:27:55.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2021-01-20T20:15:17.207", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-abyp-TnGFHrS"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}