CVSS: 9.0EPSS: 32%CPEs: 2EXPL: 3CVE-2019-12991 – Citrix SD-WAN and NetScaler Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-12991
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6). SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, presentan una Comprobación de Entrada Inapropiada (problema 5 de 6). Citrix SD-WAN Appliance version 10.2.2 suffers from authentication bypass and remote command execution vulnerabilities. Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance. • https://www.exploit-db.com/exploits/47112 http://packetstormsecurity.com/files/153638/Citrix-SD-WAN-Appliance-10.2.2-Authentication-Bypass-Remote-Command-Execution.html http://www.securityfocus.com/bid/109133 https://support.citrix.com/article/CTX251987 https://www.tenable.com/security/research/tra-2019-32 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-1624 – Cisco SD-WAN Solution Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-1624
A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the vManage Web UI. A successful exploit could allow the attacker to execute commands with root privileges. Una vulnerabilidad en la interfaz de usuario basada en web (Web UI) de vManage en Cisco SD-WAN Solution de Cisco, podría permitir a un atacante remoto autenticado inyectar comandos arbitrarios que se ejecutan con privilegios root. • http://www.securityfocus.com/bid/108845 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-sdwan-cmdinj • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11550
https://notcve.org/view.php?id=CVE-2019-11550
Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation. Citrix SD-WAN 10.2.x versiones anteriores a 10.2.1 y NetScaler SD-WAN 10.0.x anteriores a 10.0.7 tienen una validación de certificado incorrecta. • https://support.citrix.com/article/CTX247735 https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2019-1648 – Cisco SD-WAN Solution Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-1648
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. Una vulnerabilidad en la configuración del grupo de usuarios de la solución Cisco SD-WAN podría permitir a un atacante local autenticado obtener privilegios elevados en un dispositivo afectado. • http://www.securityfocus.com/bid/106719 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1647 – Cisco SD-WAN Solution Unauthorized Access Vulnerability
https://notcve.org/view.php?id=CVE-2019-1647
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers. The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by directly connecting to the exposed services. An exploit could allow the attacker to retrieve and modify critical system files. Una vulnerabilidad en la solución Cisco SD-WAN podría permitir a un atacante adyacente autenticado omitir la autenticación y tener acceso directo no autorizado a otros contenedores vSmart. • http://www.securityfocus.com/bid/106705 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-unaccess • CWE-284: Improper Access Control •