Sign-up

ID

VAR-201807-1002


CVE

CVE-2018-0347


TITLE

Cisco SD-WAN Solution Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-008409

DESCRIPTION

A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting malicious input to the affected parameter. The attacker must be authenticated to access the affected parameter. A successful exploit could allow an attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers. Cisco Bug IDs: CSCvi69906. Cisco SD-WAN Solution Contains a command injection vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvi69906 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SD-WANSolution is a set of network expansion solutions running in it. A command injection vulnerability exists in the ZeroTouchProvisioning (ZTP) subsystem in versions prior to Cisco SD-WANSolution 18.3.0, which stems from a program failing to perform input validation. Cisco SD-WAN is prone to a local command-injection vulnerability

Trust: 2.52

sources: NVD: CVE-2018-0347 // JVNDB: JVNDB-2018-008409 // CNVD: CNVD-2018-14077 // BID: 104862 // VULHUB: VHN-118549

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-14077

AFFECTED PRODUCTS

vendor:ciscomodel:vedge-proscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:vsmart controllerscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:vbond orchestratorscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:vmanage network managementscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:vedge-plusscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:vedge-1000scope:ltversion:18.3.0

Trust: 1.0

vendor:ciscomodel:vedge-2000scope:ltversion:18.3.0

Trust: 1.0

vendor:ciscomodel:vedge-5000scope:ltversion:18.3.0

Trust: 1.0

vendor:ciscomodel:vedge-100scope:ltversion:18.3.0

Trust: 1.0

vendor:ciscomodel:vedge 100wmscope:ltversion:18.3.0

Trust: 1.0

vendor:ciscomodel:vedge 100bscope:ltversion:18.3.0

Trust: 1.0

vendor:ciscomodel:vedge 100mscope:ltversion:18.3.0

Trust: 1.0

vendor:ciscomodel:vbond orchestratorscope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 100scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 1000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 100bscope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 100mscope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 100wmscope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 2000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge 5000scope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge-plusscope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge-proscope: - version: -

Trust: 0.8

vendor:ciscomodel:vmanage network managementscope: - version: -

Trust: 0.8

vendor:ciscomodel:vsmart controllerscope: - version: -

Trust: 0.8

vendor:ciscomodel:vedge series routersscope:eqversion:5000

Trust: 0.6

vendor:ciscomodel:vedge series routersscope:eqversion:2000

Trust: 0.6

vendor:ciscomodel:vedge series routersscope:eqversion:1000

Trust: 0.6

vendor:ciscomodel:vedge series routersscope:eqversion:100

Trust: 0.6

vendor:ciscomodel:vedgescope:eqversion:50000

Trust: 0.3

vendor:ciscomodel:vedgescope:eqversion:20000

Trust: 0.3

vendor:ciscomodel:vedgescope:eqversion:10000

Trust: 0.3

vendor:ciscomodel:sd-wanscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:sd-wanscope:neversion:18.3

Trust: 0.3

sources: CNVD: CNVD-2018-14077 // BID: 104862 // JVNDB: JVNDB-2018-008409 // CNNVD: CNNVD-201807-1305 // NVD: CVE-2018-0347

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0347
value: HIGH

Trust: 1.0

NVD: CVE-2018-0347
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-14077
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201807-1305
value: HIGH

Trust: 0.6

VULHUB: VHN-118549
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0347
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-14077
severity: MEDIUM
baseScore: 6.8
vectorString: AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118549
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0347
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-14077 // VULHUB: VHN-118549 // JVNDB: JVNDB-2018-008409 // CNNVD: CNNVD-201807-1305 // NVD: CVE-2018-0347

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.9

sources: VULHUB: VHN-118549 // JVNDB: JVNDB-2018-008409 // NVD: CVE-2018-0347

THREAT TYPE

local

Trust: 0.9

sources: BID: 104862 // CNNVD: CNNVD-201807-1305

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201807-1305

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-008409

PATCH
title:cisco-sa-20180718-sdwan-ciurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-ci
Trust: 0.8
title:Patch for CiscoSD-WANZeroTouchProvisioning Local Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/135521
Trust: 0.6
title:Cisco SD-WAN Solution Zero Touch Provisioning Subsystem command injection vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82206
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-14077 // 
            
            
            
            JVNDB: JVNDB-2018-008409 // 
            
            
            
            CNNVD: CNNVD-201807-1305

EXTERNAL IDS
db:NVDid:CVE-2018-0347
Trust: 3.4
db:BIDid:104862
Trust: 2.6
db:JVNDBid:JVNDB-2018-008409
Trust: 0.8
db:CNNVDid:CNNVD-201807-1305
Trust: 0.7
db:CNVDid:CNVD-2018-14077
Trust: 0.6
db:VULHUBid:VHN-118549
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-14077 // 
            
            
            
            VULHUB: VHN-118549 // 
            
            
            
            BID: 104862 // 
            
            
            
            JVNDB: JVNDB-2018-008409 // 
            
            
            
            CNNVD: CNNVD-201807-1305 // 
            
            
            
            NVD: CVE-2018-0347

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180718-sdwan-ci
Trust: 2.0
url:http://www.securityfocus.com/bid/104862
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2018-0347
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0347
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2018-14077 // 
            
            
            
            VULHUB: VHN-118549 // 
            
            
            
            BID: 104862 // 
            
            
            
            JVNDB: JVNDB-2018-008409 // 
            
            
            
            CNNVD: CNNVD-201807-1305 // 
            
            
            
            NVD: CVE-2018-0347

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 104862

SOURCES
db:CNVDid:CNVD-2018-14077
db:VULHUBid:VHN-118549
db:BIDid:104862
db:JVNDBid:JVNDB-2018-008409
db:CNNVDid:CNNVD-201807-1305
db:NVDid:CVE-2018-0347

LAST UPDATE DATE
2024-11-23T21:38:45.192000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-14077date:2018-07-27T00:00:00
db:VULHUBid:VHN-118549date:2019-10-09T00:00:00
db:BIDid:104862date:2018-07-18T00:00:00
db:JVNDBid:JVNDB-2018-008409date:2018-10-16T00:00:00
db:CNNVDid:CNNVD-201807-1305date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0347date:2024-11-21T03:38:01.850

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-14077date:2018-07-27T00:00:00
db:VULHUBid:VHN-118549date:2018-07-18T00:00:00
db:BIDid:104862date:2018-07-18T00:00:00
db:JVNDBid:JVNDB-2018-008409date:2018-10-16T00:00:00
db:CNNVDid:CNNVD-201807-1305date:2018-07-19T00:00:00
db:NVDid:CVE-2018-0347date:2018-07-18T23:29:00.493