Cisco SD-WAN Solution Error Reporting Feature Privilege Escalation Vulnerability

Cisco SD-WAN Solution Error Reporting Feature Privilege Escalation Vulnerability

CVE-2018-0432 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.

Learn more about our Cis Benchmark Audit For Cisco.