Headline
CVE-2021-1274: Cisco Security Advisory: Cisco SD-WAN Denial of Service Vulnerabilities
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit the other vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerability.
Details about the vulnerabilities are as follows.
CVE-2021-1241: Cisco SD-WAN vEdge Router VPN Denial of Service Vulnerability
A vulnerability in VPN tunneling features of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a DoS condition on an affected system.
The vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted packets through an affected device. A successful exploit could allow the attacker to cause the device to reboot, resulting in a DoS condition on the affected system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvu31763
CVE ID: CVE-2021-1241
Security Impact Rating (SIR): High
CVSS Base Score: 8.6
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2021-1273: Cisco SD-WAN IPSec Denial of Service Vulnerability
A vulnerability in the IPSec tunnel management of Cisco SD-WAN vBond Orchestrator Software, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vManage Software, and Cisco SD-WAN vSmart Controller Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected system.
The vulnerability is due to the bounds checking in the forwarding plane of the IPSec tunnel management functionality. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 packets to a specific device. A successful exploit could allow the attacker to cause a DoS condition on the affected system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvu28409
CVE ID: CVE-2021-1273
Security Impact Rating (SIR): High
CVSS Base Score: 8.6
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2021-1274: Cisco SD-WAN UDP Denial of Service Vulnerability
A vulnerability in the UDP connection response of Cisco IOS XE SD-WAN, Cisco SD-WAN vBond Orchestrator Software, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vManage Software, and Cisco SD-WAN vSmart Controller Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected system.
The vulnerability is due to the presence of a null dereference in vDaemon. An attacker could exploit this vulnerability by sending crafted traffic to a specific device. A successful exploit could allow the attacker to cause a DoS condition on the affected system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvt11523
CVE ID: CVE-2021-1274
Security Impact Rating (SIR): High
CVSS Base Score: 8.6
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2021-1278: Cisco SD-WAN Denial of Service Vulnerabilities
Multiple vulnerabilities in the symbolic link (symlink) creation functionality of Cisco SD-WAN vBond Orchestrator Software, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vManage Software, and Cisco SD-WAN vSmart Controller Software could allow an authenticated, local attacker to overwrite arbitrary files that are owned by the root user on the affected system.
These vulnerabilities are due to the absence of validation checks for the input that is used to create symlinks. An attacker could exploit these vulnerabilities by creating a symlink to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a DoS condition on an affected system. To exploit these vulnerabilities, the attacker would need to have valid credentials on the system.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Bug ID(s): CSCvt11522, CSCvt11530
CVE ID: CVE-2021-1278
Security Impact Rating (SIR): Medium
CVSS Base Score: 6.7
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:HCVE-2021-1279: Cisco SD-WAN SNMPv3 Denial of Service Vulnerability
A vulnerability in the SNMPv3 management feature of Cisco SD-WAN vBond Orchestrator Software, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vManage Software, and Cisco SD-WAN vSmart Controller Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected system.
The vulnerability is due to insufficient input validation for the SNMPv3 management functionality. An attacker could exploit this vulnerability by sending crafted SNMPv3 traffic to a specific device. A successful exploit could allow the attacker to cause a DoS condition on the affected system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvq20708
CVE ID: CVE-2021-1279
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.3
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L