3 matches found
CVE-2018-0434
CVE-2018-0434 describes a certificate validation weakness in Cisco SD-WAN Solution’s Zero Touch Provisioning. The flaw stems from insufficient validation of certificates, allowing an unauthenticated, remote attacker who can present a crafted certificate to gain unauthorized access and perform man...
CVE-2018-0432
CVE-2018-0432 affects Cisco SD-WAN Solution. An authenticated, remote attacker could exploit the error reporting feature by crafting commands due to improper validation of error-reporting configuration parameters, potentially gaining root-level privileges and full control of the device. Public so...
CVE-2018-0433
CVE-2018-0433 describes a local, authenticated command-injection vulnerability in the Cisco SD-WAN Solution CLI caused by insufficient input validation. Affected: Cisco SD-WAN Solution (CLI) on eligible devices; an attacker who can authenticate to the CLI can craft input that leads to arbitrary c...