A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exists because access to API endpoints is not properly restricted. An attacker could exploit this vulnerability by sending a request to an API endpoint. A successful exploit could allow the attacker to gain unauthorized access to administrative credentials that could be used in further attacks.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-credentials-ydYfskzZ | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2021-09-22T00:00:00
Updated: 2021-09-23T02:30:29
Reserved: 2020-11-13T00:00:00
Link: CVE-2021-1589
JSON object: View
NVD Information
Status : Modified
Published: 2021-09-23T03:15:11.717
Modified: 2023-11-07T03:28:43.190
Link: CVE-2021-1589
JSON object: View
Redhat Information
No data.