cisco-sa-20180718-sdwan-ci: Cisco SD-WAN Solution Zero Touch Provisioning Command Injection Vulnerability
First published: Wed Jul 18 2018(Updated: )
A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting malicious input to the affected parameter. The attacker must be authenticated to access the affected parameter. A successful exploit could allow an attacker to execute commands with root privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-ci
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SD-WAN firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-20180718-sdwan-ci?
The severity of cisco-sa-20180718-sdwan-ci is classified as high due to the potential for root command injection.
How do I fix cisco-sa-20180718-sdwan-ci?
To fix cisco-sa-20180718-sdwan-ci, ensure that you apply the necessary patches provided by Cisco for the affected SD-WAN Solution.
Who is affected by cisco-sa-20180718-sdwan-ci?
The cisco-sa-20180718-sdwan-ci vulnerability affects users of the Cisco SD-WAN Solution, specifically those with Zero Touch Provisioning enabled.
What types of attacks can occur due to cisco-sa-20180718-sdwan-ci?
Due to cisco-sa-20180718-sdwan-ci, an attacker may exploit the vulnerability to execute arbitrary commands with root privileges, leading to unauthorized access.
Is authentication required for exploiting cisco-sa-20180718-sdwan-ci?
Yes, cisco-sa-20180718-sdwan-ci requires an authenticated local attacker to exploit the vulnerability.
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- collector/cisco-advisory
- source/Cisco
- agent/severity
- agent/references
- agent/weakness
- agent/title
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco sd-wan firmware