Cisco Issues Update For ACE, Other Vulnerabilities In SD-WAN vManage

Cisco has issued software updates to address multiple vulnerabilities in its SD-WAN vManage software that could allow an attacker to execute arbitrary code remotely (ACE), gain unauthorized access to sensitive information, carry out DoS attacks, or gain escalated privileges.

Cisco says that the following products are not affected:

  • IOS XE SD-WAN Software
  • SD-WAN cEdge Routers
  • SD-WAN vBond Orchestrator Software
  • SD-WAN vEdge Routers
  • SD-WAN vSmart Controller Software

CVE-2021-1468 – Unauthorized Message Processing Flaw

Security Impact Rating (SIR): Critical.

This is an unauthorized message processing vulnerability affecting devices operating in cluster mode. It is due to inadequate authentication checks on user input, and it could allow an attacker to remotely send unauthorized messages to the application and execute privileged actions, for example creating new accounts with administrator privileges.

CVE-2021-1505 – Privilege Escalation Vulnerability

Security Impact Rating (SIR): Critical.

In cluster mode, this vulnerability could allow an authenticated attacker to remotely bypass authorization checking and gain elevated privileges. This affects the SD-WAN web interface.

CVE-2021-1508 – Unauthorized Access Vulnerability

Security Impact Rating (SIR): High.

In cluster mode, the vulnerability could allow attackers to remotely bypass authorization checking and modify software in a way that provides them with elevated privileges.

CVE-2021-1275 – API DoS Vulnerability

Security Impact Rating (SIR): High.

This vulnerability exists in one of the Cisco SD-WAN vManage Application Programming Interfaces (API). It allows remote attackers to perpetrate denial of service (DoS) attacks. Cisco said the issue is due to insufficient handling of API requests.

CVE-2021-1506 – Unauthorized Services Access Vulnerability

Security Impact Rating (SIR): High.

This vulnerability affects a service of the Cisco SD-WAN vManage software. It could allow a remote, authenticated attacker to gain unauthorized access to services on the affected device.

Cisco has published a list of products affected by the vulnerabilities, and all of the issues above are addressed by the updates.

Nicholas Brown
Nicholas Brown has written for LDA, CleanTechnica, Gas2, the Texas Instruments blog, and Green Building Elements. He has a keen interest in science, technology, and the energy industry.
