{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T23:34:20.793","vulnerabilities":[{"cve":{"id":"CVE-2021-34712","sourceIdentifier":"psirt@cisco.com","published":"2021-09-23T03:15:17.687","lastModified":"2024-11-21T06:11:01.440","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the interface of an affected system. A successful exploit could allow the attacker to obtain sensitive information."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración basada en la web de Cisco SD-WAN vManage Software podría permitir a un atacante remoto autenticado realizar ataques de inyección de lenguaje de consulta cifrado en un sistema afectado. Esta vulnerabilidad es debido a que la interfaz de administración basada en la web no comprueba suficientemente las entradas. Un atacante podría explotar esta vulnerabilidad mediante el envío de peticiones HTTP diseñadas a la interfaz de un sistema afectado. Una explotación con éxito podría permitir al atacante conseguir información confidencial"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-943"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.4","versionEndIncluding":"20.4.2","matchCriteriaId":"40E20880-E313-4C4C-96A6-250EEAE005B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.5:*:*:*:*:*:*:*","matchCriteriaId":"95C2779A-494D-4FB9-8D9C-8C8DB62C76F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6:*:*:*:*:*:*:*","matchCriteriaId":"E4CAF453-21B5-4BC6-A466-56F33FAD3631"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*","versionStartIncluding":"20.3","versionEndExcluding":"20.3.4","matchCriteriaId":"0BAAEE00-7FFC-4158-A1DE-7DF1FD6F2731"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-jOsuRJCc","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-jOsuRJCc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}