CVE-2018-0347
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting malicious input to the affected parameter. The attacker must be authenticated to access the affected parameter. A successful exploit could allow an attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers. Cisco Bug IDs: CSCvi69906.
Una vulnerabilidad en el subsistema Zero Touch Provisioning (ZTP) de Cisco SD-WAN podría permitir que un atacante local autenticado inyecte comandos arbitrarios que se ejecutan con privilegios root. Esta vulnerabilidad se debe a una validación de entradas insuficiente. Un atacante podría explotar esta vulnerabilidad autenticándose en el dispositivo y enviando entradas maliciosas al parámetro afectado. El atacante debe estar autenticado para acceder al parámetro afectado. Su explotación con éxito podría permitir que el atacante ejecute comandos con privilegios root. Esta vulnerabilidad afecta a los siguientes productos Cisco si están ejecutando una versión de Cisco SD-WAN Solution anterior a la 18.3.0: vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers y vEdge 5000 Series Routers. Cisco Bug IDs: CSCvi69906.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2017-11-27 CVE Reserved
- 2018-07-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-29 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/104862 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-ci | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Vedge-100 Firmware Search vendor "Cisco" for product "Vedge-100 Firmware" | < 18.3.0 Search vendor "Cisco" for product "Vedge-100 Firmware" and version " < 18.3.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge-100 Search vendor "Cisco" for product "Vedge-100" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Vedge 100b Firmware Search vendor "Cisco" for product "Vedge 100b Firmware" | < 18.3.0 Search vendor "Cisco" for product "Vedge 100b Firmware" and version " < 18.3.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge 100b Search vendor "Cisco" for product "Vedge 100b" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Vedge 100m Firmware Search vendor "Cisco" for product "Vedge 100m Firmware" | < 18.3.0 Search vendor "Cisco" for product "Vedge 100m Firmware" and version " < 18.3.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge 100m Search vendor "Cisco" for product "Vedge 100m" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Vedge 100wm Firmware Search vendor "Cisco" for product "Vedge 100wm Firmware" | < 18.3.0 Search vendor "Cisco" for product "Vedge 100wm Firmware" and version " < 18.3.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge 100wm Search vendor "Cisco" for product "Vedge 100wm" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Vedge-1000 Firmware Search vendor "Cisco" for product "Vedge-1000 Firmware" | < 18.3.0 Search vendor "Cisco" for product "Vedge-1000 Firmware" and version " < 18.3.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge-1000 Search vendor "Cisco" for product "Vedge-1000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Vedge-2000 Firmware Search vendor "Cisco" for product "Vedge-2000 Firmware" | < 18.3.0 Search vendor "Cisco" for product "Vedge-2000 Firmware" and version " < 18.3.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge-2000 Search vendor "Cisco" for product "Vedge-2000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Vedge-5000 Firmware Search vendor "Cisco" for product "Vedge-5000 Firmware" | < 18.3.0 Search vendor "Cisco" for product "Vedge-5000 Firmware" and version " < 18.3.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Vedge-5000 Search vendor "Cisco" for product "Vedge-5000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Vbond Orchestrator Search vendor "Cisco" for product "Vbond Orchestrator" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vedge-plus Search vendor "Cisco" for product "Vedge-plus" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vedge-pro Search vendor "Cisco" for product "Vedge-pro" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vmanage Network Management Search vendor "Cisco" for product "Vmanage Network Management" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vsmart Controller Search vendor "Cisco" for product "Vsmart Controller" | - | - |
Affected
| ||||||