Cisco SD-WAN Solution CVE-2018-0342 Local Buffer Overflow Vulnerability

Bugtraq ID:	104877
Class:	Design Error
CVE:	CVE-2018-0342
Remote:	No
Local:	Yes
Published:	Jul 18 2018 12:00AM
Updated:	Jul 18 2018 12:00AM
Credit:	Cisco
Vulnerable:	Cisco vSmart Controller Software 0 Cisco vManage Network Management 0 Cisco vEdge Cloud Router 0 Cisco vEdge 5000 0 Cisco vEdge 2000 0 Cisco vEdge 1000 0 Cisco vEdge 100 Series Routers 0 Cisco vBond Orchestrator 0 Cisco SD-WAN 0
Not Vulnerable:	Cisco SD-WAN 18.3

Cisco SD-WAN Solution CVE-2018-0342 Local Buffer Overflow Vulnerability

Cisco SD-WAN Solution is prone to a local buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

Attackers can exploit this issue to execute arbitrary code or cause denial-of-service condition.

This issue being tracked by Cisco Bug ID CSCvi70003.

Cisco SD-WAN Solution CVE-2018-0342 Local Buffer Overflow Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco SD-WAN Solution CVE-2018-0342 Local Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco SD-WAN Solution CVE-2018-0342 Local Buffer Overflow Vulnerability

References:

• Cisco Homepage (Cisco)
  
• cisco-sa-20180718-sd-wan-bo: Cisco SD-WAN Solution Local Buffer Overflow Vulner (Cisco)