cisco-sa-20190123-sdwan-unaccess: Cisco SD-WAN Solution Unauthorized Access Vulnerability
First published: Wed Jan 23 2019(Updated: )
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers. The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by directly connecting to the exposed services. An exploit could allow the attacker to retrieve and modify critical system files. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-unaccess
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SD-WAN firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-20190123-sdwan-unaccess?
The cisco-sa-20190123-sdwan-unaccess vulnerability is considered high severity due to its potential to allow unauthorized access to critical components of the Cisco SD-WAN Solution.
How do I fix cisco-sa-20190123-sdwan-unaccess?
To remediate the cisco-sa-20190123-sdwan-unaccess vulnerability, ensure that default configurations are properly secured and follow Cisco's recommended security advisories.
Who is affected by cisco-sa-20190123-sdwan-unaccess?
The cisco-sa-20190123-sdwan-unaccess vulnerability affects users of the Cisco SD-WAN Solution that have not properly configured their systems.
What are the potential impacts of cisco-sa-20190123-sdwan-unaccess?
The potential impacts of cisco-sa-20190123-sdwan-unaccess include unauthorized access to sensitive data and configurations within affected vSmart containers.
Is authentication bypass a concern in cisco-sa-20190123-sdwan-unaccess?
Yes, cisco-sa-20190123-sdwan-unaccess allows authenticated, adjacent attackers to bypass authentication mechanisms, posing a significant security risk.
- agent/last-modified-date
- agent/event
- agent/type
- collector/cisco-advisory
- source/Cisco
- agent/severity
- agent/title
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco sd-wan firmware