#VU17222 Security restrictions bypass in Cisco SD-WAN - CVE-2019-1647

Cybersecurity Help s.r.o.

Published: 2019-01-23 | Updated: 2019-01-25

Vulnerability identifier: #VU17222

Vulnerability risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-1647

CWE-ID: CWE-264

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Cisco SD-WAN
Client/Desktop applications / Virtualization software

Vendor: Cisco Systems, Inc

Description

The vulnerability allows an adjacent authenticated attacker to bypass security restrictions on the target system.

The vulnerability exists due to an insecure default configuration. An adjacent authenticated attacker can directly connect to the exposed services to retrieve and modify critical system files.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Cisco SD-WAN: 18.3.0

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-unacce...

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco SD-WAN