CVE-2021-1232: A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbi...

Description

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for sensitive information that is written to an affected system. An attacker could exploit this vulnerability by accessing sensitive information that they are not authorized to access on an affected system. A successful exploit could allow the attacker to gain access to devices and other network management systems that they should not have access to.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Metrics

CVSS 3.1

6.5/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

1.06%

60.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-522

Affected Software

Vendor	Product	Versions
Cisco	Catalyst Sd-Wan Manager	17.2.4
Cisco	Catalyst Sd-Wan Manager	17.2.5
Cisco	Catalyst Sd-Wan Manager	17.2.6
Cisco	Catalyst Sd-Wan Manager	17.2.7
Cisco	Catalyst Sd-Wan Manager	17.2.8
Cisco	Catalyst Sd-Wan Manager	17.2.9
Cisco	Catalyst Sd-Wan Manager	17.2.10
Cisco	Catalyst Sd-Wan Manager	18.2.0
Cisco	Catalyst Sd-Wan Manager	18.3.0
Cisco	Catalyst Sd-Wan Manager	18.3.1
Cisco	Catalyst Sd-Wan Manager	18.3.1.1
Cisco	Catalyst Sd-Wan Manager	18.3.3
Cisco	Catalyst Sd-Wan Manager	18.3.3.1
Cisco	Catalyst Sd-Wan Manager	18.3.4
Cisco	Catalyst Sd-Wan Manager	18.3.5
Cisco	Catalyst Sd-Wan Manager	18.3.6
Cisco	Catalyst Sd-Wan Manager	18.3.6.1
Cisco	Catalyst Sd-Wan Manager	18.3.7
Cisco	Catalyst Sd-Wan Manager	18.3.8
Cisco	Catalyst Sd-Wan Manager	18.4.0
Cisco	Catalyst Sd-Wan Manager	18.4.0.1
Cisco	Catalyst Sd-Wan Manager	18.4.1
Cisco	Catalyst Sd-Wan Manager	18.4.3
Cisco	Catalyst Sd-Wan Manager	18.4.4
Cisco	Catalyst Sd-Wan Manager	18.4.5
Cisco	Catalyst Sd-Wan Manager	18.4.302
Cisco	Catalyst Sd-Wan Manager	18.4.303
Cisco	Catalyst Sd-Wan Manager	18.4.501_es
Cisco	Catalyst Sd-Wan Manager	19.0.0
Cisco	Catalyst Sd-Wan Manager	19.0.1a
Cisco	Catalyst Sd-Wan Manager	19.1.0
Cisco	Catalyst Sd-Wan Manager	19.2.0
Cisco	Catalyst Sd-Wan Manager	19.2.1
Cisco	Catalyst Sd-Wan Manager	19.2.2
Cisco	Catalyst Sd-Wan Manager	19.2.3
Cisco	Catalyst Sd-Wan Manager	19.2.31
Cisco	Catalyst Sd-Wan Manager	19.2.097
Cisco	Catalyst Sd-Wan Manager	19.2.098
Cisco	Catalyst Sd-Wan Manager	19.2.099
Cisco	Catalyst Sd-Wan Manager	19.2.929
Cisco	Catalyst Sd-Wan Manager	19.3.0
Cisco	Catalyst Sd-Wan Manager	20.1.1
Cisco	Catalyst Sd-Wan Manager	20.1.1.1
Cisco	Catalyst Sd-Wan Manager	20.1.2
Cisco	Catalyst Sd-Wan Manager	20.1.12
Cisco	Catalyst Sd-Wan Manager	20.3.1

References

Timeline

Published: Nov 18, 2024
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2021-1232?

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for sensitive information that is written to an affected system. An attacker could exploit this vulnerability by accessing sensitive information that they are not authorized to access on an affected system. A successful exploit could allow the attacker to gain access to devices and other network management systems that they should not have access to.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

How severe is CVE-2021-1232?

CVE-2021-1232 has a CVSS score of 6.5/10 (MEDIUM severity). The EPSS model estimates a 1.06% probability of exploitation in the next 30 days.

How do I fix CVE-2021-1232?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.