Cisco Patches Critical Vulnerabilities in SD-WAN, DNA Center, SSMS Products

Cisco this week released patches to address a significant number of vulnerabilities across its product portfolio, including several critical flaws in SD-WAN products, DNA Center, and Smart Software Manager Satellite (SSMS).

Several command injection bugs addressed in SD-WAN products could allow an attacker to perform actions as root on the affected devices, the most important of which is rated critical severity, featuring a CVSS score of 9.9.

Tracked as CVE-2021-1299, the flaw resides in the web-based management interface of SD-WAN vManage software and could be exploited remotely, without authentication, to execute arbitrary commands as the root user. An attacker looking to exploit the flaw would have to submit crafted input to the device template configuration.

Five other command injection flaws were addressed in SD-WAN vBond Orchestrator, SD-WAN vEdge Cloud Routers, SD-WAN vEdge Routers, SD-WAN vManage, and SD-WAN vSmart Controller Software. Two of them were rated high severity, while the other three were considered medium severity.

Cisco also patched two buffer overflow issues in SD-WAN, the most important of which is tracked as CVE-2021-1300 and features a CVSS score of 9.8. The flaw could lead to arbitrary code execution with root privileges.

Impacted products include IOS XE SD-WAN, SD-WAN vBond Orchestrator, SD-WAN vEdge Cloud Routers, SD-WAN vEdge Routers, SD-WAN vManage, and SD-WAN vSmart Controller software.

A critical vulnerability addressed in DNA Center could be exploited to perform command injection attacks. Tracked as CVE-2021-1264 and featuring a CVSS score of 9.6, the flaw exists because of insufficient input validation by the Command Runner tool. Cisco DNA Center releases prior to version 1.3.1.0 are affected.

Three critical bugs (CVE-2021-1138, CVE-2021-1140, CVE-2021-1142; CVSS score of 9.8) were patched in the web UI of Smart Software Manager Satellite. The flaws could be exploited by an unauthenticated, remote attacker to execute arbitrary commands.

Two other issues (CVE-2021-1139, CVE-2021-1141; CVSS score of 8.8) also addressed in the software could be exploited remotely, without authentication, to execute arbitrary commands as the root user. Cisco Smart Software Manager On-Prem releases 6.3.0 and later contain fixes for all of these flaws.

Cisco says it is not aware of public exploits or attacks that target any of these vulnerabilities.

This week, the company also released patches for multiple other high- and medium-severity flaws in SD-WAN, DNA Center, Data Center Network Manager, SSMS, Advanced Malware Protection (AMP) for Endpoints for Windows and Immunet for Windows, Web Security Appliance (WSA), Umbrella, Unified Communications products, Elastic Services Controller (ESC), Email Security Appliance (ESA), Content Security Management Appliance (SMA), and StarOS.

Information on all of the addressed vulnerabilities can be found on Cisco’s security portal.

Related: Over 70 Vulnerabilities Will Remain Unpatched in EOL Cisco Routers

Related: Cisco Patches Wormable, Zero-Click Vulnerability in Jabber

Related: Cisco Webex Vulnerability Allows Ghost Access to Meetings