4 matches found
Cisco SD-WAN vManage Command Injection (cisco-sa-20200122-sdwan-cmd-inject)
The version of Cisco SD-WAN vManage installed on the remote host is prior to 18.3.0. It is, therefore, affected by a vulnerability as referenced in the cisco-sa-20200122-sdwan-cmd-inject advisory. - A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote...
CVE-2019-12629
creationtimestamp| type| source ---|---|--- 2020-01-26 12:37:46+00:00| seen| https://t.me/cveNotify/403...
CVE-2019-12629 Cisco SD-WAN vManage Command Injection Vulnerability
A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in t...
CVE-2019-12629
The CVE-2019-12629 issue pertains to Cisco SD-WAN vManage WebUI. Affected component: WebUI of Cisco SD-WAN Solution; root cause: insufficient input validation of data parameters in login-related fields. Exploitation: an authenticated remote attacker can configure a malicious username on the login...