7.8
CVE-2021-1513
- EPSS 0.82%
- Veröffentlicht 06.05.2021 13:15:10
- Zuletzt bearbeitet 21.11.2024 05:44:31
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Catalyst Sd-wan Manager Version < 20.3.1
Cisco ≫ Catalyst Sd-wan Manager Version >= 20.4 < 20.4.1
Cisco ≫ Catalyst Sd-wan Manager Version >= 20.5 < 20.5.1
Cisco ≫ Sd-wan Vbond Orchestrator Version-
Cisco ≫ Vsmart Controller Firmware Version-
Cisco ≫ Vedge 100 Firmware Version-
Cisco ≫ Vedge 1000 Firmware Version-
Cisco ≫ Vedge 100b Firmware Version-
Cisco ≫ Vedge 100m Firmware Version-
Cisco ≫ Vedge 100wm Firmware Version-
Cisco ≫ Vedge 2000 Firmware Version-
Cisco ≫ Vedge 5000 Firmware Version-
Cisco ≫ Vedge-100b Firmware Version-
Cisco ≫ Vedge Cloud Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.82% | 0.731 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
| psirt@cisco.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.