How severe is CVE-2021-1484?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2021-1484?

This is classified as CWE-88, which is a common weakness in software security.

CVE-2021-1484 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service (DoS) condition. This vulnerability is due to improper input validation of user-supplied input to the device template configuration. An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to cause a DoS condition on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Related Vulnerabilities

CVE-2017-15694

MEDIUM

CVSS:6.5(Medium)

When an Apache Geode server versions 1.0.0 to 1.8.0 is operating in secure mode, a user with write permissions for specific data regions can modify internal cluster metadata. A malicious user could mo...

CWE-882017

CVE-2019-0764

MEDIUM

CVSS:6.5(Medium)

A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'.

CWE-882019

CVE-2019-10800

MEDIUM

CVSS:6.5(Medium)

This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method.

CWE-882019

CVE-2020-5657

MEDIUM

CVSS:6.5(Medium)

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interf...

CWE-882020

CVE-2021-3256

MEDIUM

CVSS:6.5(Medium)

KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the chakanhtml.module.php file.

CWE-882021

CVE-2022-31749

MEDIUM

CVSS:6.5(Medium)

An argument injection vulnerability in the diagnose and import pac commands in WatchGuard Fireware OS before 12.8.1, 12.1.4, and 12.5.10 allows an authenticated remote attacker with unprivileged crede...

CWE-882022