On Math 5th, Cisco announced fixes for critical vulnerabilities that are affecting SD-WAN vManage (CVE-2021-1468 & CVE-2021-1505) and HyperFlex HX software (CVE-2021-1497) as well as other vulnerabilities that ranged in severity. The flaws, if exploited, could allow an attacker to create rogue admin accounts and execute commands as root. The other medium to high severity vulnerabilities in various software products could allow for execution of arbitrary code remotely, privilege escalations, and trigger DoS conditions. According to Cisco’s Product Incident Response Team (PSIRT), they are not aware of any of the vulnerabilities being exploited in customer environments.
Cisco is advising its customers to download and install the free software updates that are available to fix these issues. Since the SD-WAN vManage bug only affects software that’s in a cluster, Cisco says to “verify whether the software is operating in cluster mode by checking the Cisco SD-WAN vManage web-based management interface Administration > Cluster Management view.”