Vulnerabilities > Cisco > IOS XE SD WAN 16 12 2R When Installed ON Integrated Services Virtual > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2021-1619 Use of Uninitialized Resource vulnerability in Cisco products
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable.
network
low complexity
cisco CWE-908
critical
9.1