CVE-2021-1234
Severity
5.3MEDIUM
EPSS
0.2%
top 57.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 18
Description
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode.
This vulnerability is due to the absence of authentication for sensitive information in the cluster management interface. An attacker could exploit this vulnerability by sending a crafted request to the cluster management interfac…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4
Affected Packages2 packages
🔴Vulnerability Details
3GHSA▶
GHSA-6r95-j355-78w9: A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive↗2024-11-18
📋Vendor Advisories
3Microsoft▶
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character which may result in unexpected cross-protocol requests as demonstrated by the git://localhost:↗2021-08-10
Red Hat▶
git: unexpected cross-protocol requests via a repository path containing a newline character↗2021-01-07