What is CVE-2021-1506?

CVE-2021-1506 is a critical-severity vulnerability in Cisco Sd-wan Vmanage, classified under Improper Input Validation. CVSS score: 9.8/10. Published 2021-05-06.

How severe is CVE-2021-1506?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Improper input validation in Cisco Sd-wan Vmanage

CVE-2021-1506

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privil…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.018 (83.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Sd-wan Vmanage — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

20210505 Cisco SD-WAN vManage Software Vulnerabilities (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2021-1506?: CVE-2021-1506 is a critical-severity vulnerability in Cisco Sd-wan Vmanage, classified under Improper Input Validation. CVSS score: 9.8/10. Published 2021-05-06.
How severe is CVE-2021-1506?: Critical severity. CVSS v3 base score is 9.8 out of 10.