Cisco fixes critical flaws in SD-WAN vManage and HyperFlex HX software


Cisco has addressed critical vulnerabilities affecting SD-WAN vManage and HyperFlex HX software that could allow creating admin accounts and executing commands as root.

Cisco SD-WAN vManage Software flaws (CVE-2021-1275, CVE-2021-1468, CVE-2021-1505, CVE-2021-1506, CVE-2021-1508) could be exploited by an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information. The flaws could also allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.

Read more…