mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
249 lines
8.5 KiB
JSON
249 lines
8.5 KiB
JSON
{
|
|
"id": "CVE-2021-1241",
|
|
"sourceIdentifier": "ykramarz@cisco.com",
|
|
"published": "2021-01-20T21:15:12.100",
|
|
"lastModified": "2021-01-27T20:26:37.133",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Varias vulnerabilidades en los productos Cisco SD-WAN, podr\u00edan permitir a un atacante remoto no autenticado ejecutar ataques de denegaci\u00f3n de servicio (DoS) contra un dispositivo afectado. Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "ykramarz@cisco.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "CHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 8.6,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 4.0
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 7.8
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "ykramarz@cisco.com",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "30EE0731-351C-4889-8335-3E7E7955A385"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.3.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4CBD6FD9-84EE-416C-B77D-843D2FAAF1BC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0015FD1E-1BCD-40AB-8C21-264AB9F6E123"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4C9F1DA-0527-4442-B0B4-4467960D30C0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:18.4.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0717AEB4-93B0-47F5-9F1B-153A519AD2E0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0065B109-5020-48AE-B10F-3452444748C6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9C535AB3-DCCE-4CFB-8479-08550552E863"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "07C2CBB8-7296-4549-B98C-D39FA1D35E6D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:19.2.99:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B74606C6-B292-4D23-8652-5CF49BDD8369"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:20.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9FF9C5E2-1A91-43A0-8F51-05A2E204BF01"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:sd-wan_vsmart_controller_firmware:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AFBC49D2-5618-416A-AE3C-6421B8B09C80"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:vedge_100_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "66AEE108-5CF9-4F19-9A52-40850F850E91"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:vedge_1000_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C7AF418B-E5C4-4FEA-A9B9-9D29002702CE"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:vedge_100b_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E8282DC4-099F-4379-8B2A-7B876AE29779"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:vedge_100m_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E9952ECE-2659-4CAC-B29C-6439391FADDB"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:vedge_100wm_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BBAF9E5F-C858-44C8-9F81-0916324CF513"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:vedge_2000_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1FA0F3A1-3442-4491-95D6-F5B17A09DB73"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:vedge_5000_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E7E1CFE1-8CF7-48BE-833F-03F72B3BAFAB"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:vedge_cloud_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E3773F59-DF2E-4387-8E27-C08FE1E6549D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EA831FC0-AE58-4F6C-9455-8578BBA87A2D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP",
|
|
"source": "ykramarz@cisco.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |