A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2018-10-05T14:00:00Z
Updated: 2024-11-26T14:44:21.046Z
Reserved: 2017-11-27T00:00:00
Link: CVE-2018-0432
Vulnrichment
Updated: 2024-08-05T03:28:09.775Z
NVD
Status : Modified
Published: 2018-10-05T14:29:01.497
Modified: 2024-11-21T03:38:13.060
Link: CVE-2018-0432
Redhat
No data.