// For flags

CVE-2018-0346

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in packets that are sent to the Zero Touch Provisioning service of the affected software. An attacker could exploit this vulnerability by sending malicious packets to the affected software for processing. When the software processes the packets, a buffer overflow condition could occur and cause an affected device to reload. A successful exploit could allow the attacker to cause a temporary DoS condition while the device reloads. This vulnerability can be exploited only by traffic that is destined for an affected device. It cannot be exploited by traffic that is transiting a device. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69914.

Una vulnerabilidad en el el servicio Zero Touch Provisioning de Cisco SD-WAN Solution podría permitir que un atacante remoto sin autenticar provoque una denegación de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a comprobaciones de límites incorrectas para ciertos valores en los paquetes que se envían al servicio Zero Touch Provisioning del sistema afectado. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes maliciosos al software afectado para procesarlos. Cuando el software procesa los paquetes, podría ocurrir una condición de desbordamiento de búfer y provocar que el dispositivo afectado se recargue. Su explotación con éxito podría permitir que el atacante provoque una denegación de servicio (DoS) temporal mientras se reinicia el dispositivo. Esta vulnerabilidad solo puede ser explotada por tráfico destinado a un dispositivo afectado. No puede ser explotada por tráfico que transita por un dispositivo. Esta vulnerabilidad afecta a los siguientes productos Cisco si ejecutan una versión de Cisco SD-WAN Solution anterior a la 18.3.0: vBond Orchestrator Software, vManage Network Management Software y vSmart Controller Software. Cisco Bug IDs: CSCvi69914.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-11-27 CVE Reserved
  • 2018-07-18 CVE Published
  • 2024-05-27 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Vedge-100 Firmware
Search vendor "Cisco" for product "Vedge-100 Firmware"
< 18.3.0
Search vendor "Cisco" for product "Vedge-100 Firmware" and version " < 18.3.0"
-
Affected
in Cisco
Search vendor "Cisco"
Vedge-100
Search vendor "Cisco" for product "Vedge-100"
--
Safe
Cisco
Search vendor "Cisco"
Vedge 100b Firmware
Search vendor "Cisco" for product "Vedge 100b Firmware"
< 18.3.0
Search vendor "Cisco" for product "Vedge 100b Firmware" and version " < 18.3.0"
-
Affected
in Cisco
Search vendor "Cisco"
Vedge 100b
Search vendor "Cisco" for product "Vedge 100b"
--
Safe
Cisco
Search vendor "Cisco"
Vedge 100m Firmware
Search vendor "Cisco" for product "Vedge 100m Firmware"
< 18.3.0
Search vendor "Cisco" for product "Vedge 100m Firmware" and version " < 18.3.0"
-
Affected
in Cisco
Search vendor "Cisco"
Vedge 100m
Search vendor "Cisco" for product "Vedge 100m"
--
Safe
Cisco
Search vendor "Cisco"
Vedge 100wm Firmware
Search vendor "Cisco" for product "Vedge 100wm Firmware"
< 18.3.0
Search vendor "Cisco" for product "Vedge 100wm Firmware" and version " < 18.3.0"
-
Affected
in Cisco
Search vendor "Cisco"
Vedge 100wm
Search vendor "Cisco" for product "Vedge 100wm"
--
Safe
Cisco
Search vendor "Cisco"
Vedge-1000 Firmware
Search vendor "Cisco" for product "Vedge-1000 Firmware"
< 18.3.0
Search vendor "Cisco" for product "Vedge-1000 Firmware" and version " < 18.3.0"
-
Affected
in Cisco
Search vendor "Cisco"
Vedge-1000
Search vendor "Cisco" for product "Vedge-1000"
--
Safe
Cisco
Search vendor "Cisco"
Vedge-2000 Firmware
Search vendor "Cisco" for product "Vedge-2000 Firmware"
< 18.3.0
Search vendor "Cisco" for product "Vedge-2000 Firmware" and version " < 18.3.0"
-
Affected
in Cisco
Search vendor "Cisco"
Vedge-2000
Search vendor "Cisco" for product "Vedge-2000"
--
Safe
Cisco
Search vendor "Cisco"
Vedge-5000 Firmware
Search vendor "Cisco" for product "Vedge-5000 Firmware"
< 18.3.0
Search vendor "Cisco" for product "Vedge-5000 Firmware" and version " < 18.3.0"
-
Affected
in Cisco
Search vendor "Cisco"
Vedge-5000
Search vendor "Cisco" for product "Vedge-5000"
--
Safe
Cisco
Search vendor "Cisco"
Vbond Orchestrator
Search vendor "Cisco" for product "Vbond Orchestrator"
--
Affected
Cisco
Search vendor "Cisco"
Vedge-plus
Search vendor "Cisco" for product "Vedge-plus"
--
Affected
Cisco
Search vendor "Cisco"
Vedge-pro
Search vendor "Cisco" for product "Vedge-pro"
--
Affected
Cisco
Search vendor "Cisco"
Vmanage Network Management
Search vendor "Cisco" for product "Vmanage Network Management"
--
Affected
Cisco
Search vendor "Cisco"
Vsmart Controller
Search vendor "Cisco" for product "Vsmart Controller"
--
Affected