Buffer overflow in Cisco SD-WAN - CVE-2019-1651

 

Published: January 25, 2019


Vulnerability identifier: #VU17226
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2019-1651
CWE-ID: CWE-120
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco SD-WAN

Detailed vulnerability description

The vulnerability allows a remote authenticated attacker to gain elevated privileges on an affected device.

The vulnerability exists due to improper bounds checking by the vContainer. A remote authenticated attacker can send a malicious file to an affected vContainer instance, trigger a buffer overflow condition on the affected vContainer and cause the service to crash or execute arbitrary code as the root user.

Successful exploitation of the vulnerability may result in system compromise.


How to mitigate CVE-2019-1651

Update to version 18.4.0.

Sources