EUVD-2018-1168

Malware in sbrugna...

EUVD-2018-1166

Malware in sbrugna...

Input validation

A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in t...

CVE-2019-12629

The CVE-2019-12629 issue pertains to Cisco SD-WAN vManage WebUI. Affected component: WebUI of Cisco SD-WAN Solution; root cause: insufficient input validation of data parameters in login-related fields. Exploitation: an authenticated remote attacker can configure a malicious username on the login...

CVE-2019-12629 Cisco SD-WAN vManage Command Injection Vulnerability

A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in t...

CVE-2018-0345

A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...

Input validation

A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...

CVE-2018-0344

A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient...

CVE-2018-0345

A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...

CVE-2018-0344

The CVE-2018-0344 entry describes a vulnerability in the Cisco SD-WAN Solution where the vManage dashboard’s login parameter validation is insufficient, enabling an authenticated, remote attacker to inject and execute arbitrary commands with vManage user privileges by configuring a malicious user...

Cisco SD-WAN Solution Remote Code Execution Vulnerability

A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service DoS condition on an affected system. The vulnerability is due to insufficient...

Cisco SD-WAN Solution Configuration and Management Database Remote Code Execution Vulnerability

A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...