A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the interface of an affected system. A successful exploit could allow the attacker to obtain sensitive information.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-jOsuRJCc | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2021-09-22T00:00:00
Updated: 2021-09-23T02:26:03
Reserved: 2021-06-15T00:00:00
Link: CVE-2021-34712
JSON object: View
NVD Information
Status : Modified
Published: 2021-09-23T03:15:17.687
Modified: 2023-11-07T03:36:10.040
Link: CVE-2021-34712
JSON object: View
Redhat Information
No data.
CWE