CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1225

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities exist because the web-based management interface improperly validates values in SQL queries. An attacker could exploit these vulnerabilities by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database or the operating system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 6.4

References

Products affected by CVE-2021-1225

Cisco » Sd-Wan Vmanage » Version: N/A

cpe:2.3:a:cisco:sd-wan_vmanage:-
Cisco » Sd-Wan Vmanage » Version: 17.2.10

cpe:2.3:a:cisco:sd-wan_vmanage:17.2.10
Cisco » Sd-Wan Vmanage » Version: 17.2.4

cpe:2.3:a:cisco:sd-wan_vmanage:17.2.4
Cisco » Sd-Wan Vmanage » Version: 17.2.5

cpe:2.3:a:cisco:sd-wan_vmanage:17.2.5
Cisco » Sd-Wan Vmanage » Version: 17.2.6

cpe:2.3:a:cisco:sd-wan_vmanage:17.2.6
Cisco » Sd-Wan Vmanage » Version: 17.2.7

cpe:2.3:a:cisco:sd-wan_vmanage:17.2.7
Cisco » Sd-Wan Vmanage » Version: 17.2.8

cpe:2.3:a:cisco:sd-wan_vmanage:17.2.8
Cisco » Sd-Wan Vmanage » Version: 17.2.9

cpe:2.3:a:cisco:sd-wan_vmanage:17.2.9
Cisco » Sd-Wan Vmanage » Version: 18.2.0

cpe:2.3:a:cisco:sd-wan_vmanage:18.2.0
Cisco » Sd-Wan Vmanage » Version: 18.3.0

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.0
Cisco » Sd-Wan Vmanage » Version: 18.3.1

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.1
Cisco » Sd-Wan Vmanage » Version: 18.3.1.1

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.1.1
Cisco » Sd-Wan Vmanage » Version: 18.3.3

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.3
Cisco » Sd-Wan Vmanage » Version: 18.3.3.1

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.3.1
Cisco » Sd-Wan Vmanage » Version: 18.3.4

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.4
Cisco » Sd-Wan Vmanage » Version: 18.3.5

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.5
Cisco » Sd-Wan Vmanage » Version: 18.3.6.1

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.6.1
Cisco » Sd-Wan Vmanage » Version: 18.3.7

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.7
Cisco » Sd-Wan Vmanage » Version: 18.3.8

cpe:2.3:a:cisco:sd-wan_vmanage:18.3.8
Cisco » Sd-Wan Vmanage » Version: 18.4.0

cpe:2.3:a:cisco:sd-wan_vmanage:18.4.0
Cisco » Sd-Wan Vmanage » Version: 18.4.0.1

cpe:2.3:a:cisco:sd-wan_vmanage:18.4.0.1
Cisco » Sd-Wan Vmanage » Version: 18.4.1

cpe:2.3:a:cisco:sd-wan_vmanage:18.4.1
Cisco » Sd-Wan Vmanage » Version: 18.4.3

cpe:2.3:a:cisco:sd-wan_vmanage:18.4.3
Cisco » Sd-Wan Vmanage » Version: 18.4.302

cpe:2.3:a:cisco:sd-wan_vmanage:18.4.302
Cisco » Sd-Wan Vmanage » Version: 18.4.303

cpe:2.3:a:cisco:sd-wan_vmanage:18.4.303
Cisco » Sd-Wan Vmanage » Version: 18.4.4

cpe:2.3:a:cisco:sd-wan_vmanage:18.4.4
Cisco » Sd-Wan Vmanage » Version: 18.4.5

cpe:2.3:a:cisco:sd-wan_vmanage:18.4.5
Cisco » Sd-Wan Vmanage » Version: 19.1.0

cpe:2.3:a:cisco:sd-wan_vmanage:19.1.0
Cisco » Sd-Wan Vmanage » Version: 19.2.0

cpe:2.3:a:cisco:sd-wan_vmanage:19.2.0
Cisco » Sd-Wan Vmanage » Version: 19.2.1

cpe:2.3:a:cisco:sd-wan_vmanage:19.2.1
Cisco » Sd-Wan Vmanage » Version: 19.2.2

cpe:2.3:a:cisco:sd-wan_vmanage:19.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1225

Products

Pricing

Contact Us