cisco-sa-sdwan-bufovulns-B5NrSHbj: Cisco SD-WAN Buffer Overflow Vulnerabilities
First published: Wed Jan 20 2021(Updated: )
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj
Credit: These vulnerabilities were found by James Spadaro Cisco during internal security testing
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SD-WAN Solution | =20.4<20.4.1=20.3<20.3.1>=19.3<=20.1<20.1.1=19.2<19.2.2>=.3<18=18.3<=18.4<18.4.5 | 20.4.1 20.3.1 20.1.1 19.2.2 18.4.5 |
| Cisco IOS XE SD-WAN Releases | >=16.9=16.10=16.11<=16.12<16.12.4 | 16.12.4 |
| Cisco IOS XE Universal Releases | =17.4<17.4.1=17.3<17.3.1=17.2<17.2.1 | 17.4.1 17.3.1 17.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-sdwan-bufovulns-B5NrSHbj?
The severity of cisco-sa-sdwan-bufovulns-B5NrSHbj is classified as high due to the potential for unauthenticated remote code execution.
How do I fix cisco-sa-sdwan-bufovulns-B5NrSHbj?
To fix cisco-sa-sdwan-bufovulns-B5NrSHbj, you should apply the available software updates provided by Cisco for the affected SD-WAN and IOS XE versions.
Which Cisco products are affected by cisco-sa-sdwan-bufovulns-B5NrSHbj?
The affected products in cisco-sa-sdwan-bufovulns-B5NrSHbj include Cisco SD-WAN Releases, IOS XE SD-WAN Releases, and IOS XE Universal Releases.
Can attackers exploit cisco-sa-sdwan-bufovulns-B5NrSHbj without authentication?
Yes, attackers can exploit cisco-sa-sdwan-bufovulns-B5NrSHbj without authentication, allowing them to execute arbitrary commands.
What are the recommended actions for users of cisco-sa-sdwan-bufovulns-B5NrSHbj?
Users of cisco-sa-sdwan-bufovulns-B5NrSHbj should immediately assess their environments and implement the recommended software updates to mitigate the vulnerabilities.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/weakness
- agent/author
- agent/references
- agent/title
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/cisco
- canonical/cisco sd-wan solution
- version/cisco sd-wan solution/20.4
- version/cisco sd-wan solution/20.3
- version/cisco sd-wan solution/19.3
- version/cisco sd-wan solution/20.1
- version/cisco sd-wan solution/19.2
- version/cisco sd-wan solution/.3
- version/cisco sd-wan solution/18.3
- version/cisco sd-wan solution/18.4
- canonical/cisco ios xe sd-wan releases
- version/cisco ios xe sd-wan releases/16.9
- version/cisco ios xe sd-wan releases/16.10
- version/cisco ios xe sd-wan releases/16.11
- version/cisco ios xe sd-wan releases/16.12
- canonical/cisco ios xe universal releases
- version/cisco ios xe universal releases/17.4
- version/cisco ios xe universal releases/17.3
- version/cisco ios xe universal releases/17.2