NVD Vulnerability Detail

CVE-2021-1484

Summary	A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service (DoS) condition. This vulnerability is due to improper input validation of user-supplied input to the device template configuration. An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to cause a DoS condition on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Publication Date	Nov. 16, 2024, 2:15 a.m.
Registration Date	Nov. 16, 2024, 5 a.m.
Last Update	Nov. 19, 2024, 2:11 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-cmdinj-nRHKgfHX
2	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-info-disclos-gGvm9Mfu

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-88	引数の挿入または変更	https://cwe.mitre.org/data/definitions/88.html

JVN Vulnerability Information

シスコシステムズの Cisco Catalyst SD-WAN Manager における引数の挿入または変更に関する脆弱性

Title	シスコシステムズの Cisco Catalyst SD-WAN Manager における引数の挿入または変更に関する脆弱性
Summary	シスコシステムズの Cisco Catalyst SD-WAN Manager には、引数の挿入または変更に関する脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 21, 2021, midnight
Registration Date	Aug. 5, 2025, 11:53 a.m.
Last Update	Aug. 5, 2025, 11:53 a.m.

Affected System

シスコシステムズ

Cisco Catalyst SD-WAN Manager 17.2.10

Cisco Catalyst SD-WAN Manager 17.2.4

Cisco Catalyst SD-WAN Manager 17.2.5

Cisco Catalyst SD-WAN Manager 17.2.6

Cisco Catalyst SD-WAN Manager 17.2.7

Cisco Catalyst SD-WAN Manager 17.2.8

Cisco Catalyst SD-WAN Manager 17.2.9

Cisco Catalyst SD-WAN Manager 18.2.0

Cisco Catalyst SD-WAN Manager 18.3.0

Cisco Catalyst SD-WAN Manager 18.3.1

Cisco Catalyst SD-WAN Manager 18.3.1.1

Cisco Catalyst SD-WAN Manager 18.3.3

Cisco Catalyst SD-WAN Manager 18.3.3.1

Cisco Catalyst SD-WAN Manager 18.3.4

Cisco Catalyst SD-WAN Manager 18.3.5

Cisco Catalyst SD-WAN Manager 18.3.6

Cisco Catalyst SD-WAN Manager 18.3.6.1

Cisco Catalyst SD-WAN Manager 18.3.7

Cisco Catalyst SD-WAN Manager 18.3.8

Cisco Catalyst SD-WAN Manager 18.4.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-1484	https://www.cve.org/CVERecord?id=CVE-2021-1484
National Vulnerability Database (NVD)
2	CVE-2021-1484	https://nvd.nist.gov/vuln/detail/CVE-2021-1484

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-88	https://cwe.mitre.org/data/definitions/88.html

ベンダー情報

No	Name	URL
Cisco Security Advisory
1	cisco-sa-vman-cmdinj-nRHKgfHX	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-cmdinj-nRHKgfHX

Change Log

No	Changed Details	Date of change
1	[2025年08月05日] 掲載	Aug. 5, 2025, 11:53 a.m.