CVE-2021-1274

HIGH

Cisco SD-WAN Firmware - Unauthenticated Denial of Service

Title source: llm

Description

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dosmulti-48jJuEUP

Scores

CVSS v3 8.6

EPSS 0.0069

EPSS Percentile 72.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-119 CWE-476

Status published

Products (14)

cisco/catalyst_sd-wan_manager

cisco/ios_xe_sd-wan

cisco/sd-wan_firmware 18.3.5

cisco/sd-wan_firmware 18.3.8

cisco/sd-wan_firmware 18.4.1

cisco/sd-wan_firmware 18.4.4

cisco/sd-wan_firmware 18.4.5

cisco/sd-wan_firmware 19.2.0

cisco/sd-wan_firmware 19.2.1

cisco/sd-wan_firmware 19.2.2

... and 4 more

Published Jan 20, 2021

Tracked Since Feb 18, 2026