Cisco SD-WAN CVE-2018-0434 Certificate Validation Security Bypass Vulnerability
BID:105294
CVE-2018-434 |Info
Cisco SD-WAN CVE-2018-0434 Certificate Validation Security Bypass Vulnerability
| Bugtraq ID: | 105294 |
| Class: | Design Error |
| CVE: |
CVE-2018-0434 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 05 2018 12:00AM |
| Updated: | Sep 05 2018 12:00AM |
| Credit: | Cisco |
| Vulnerable: |
Cisco vManage Network Management 0 Cisco vEdge 5000 0 Cisco vEdge 2000 0 Cisco vEdge 1000 0 Cisco vEdge 100 Series Routers 0 Cisco SD-WAN 0 |
| Not Vulnerable: |
Cisco SD-WAN 18.3 |
Discussion
Cisco SD-WAN CVE-2018-0434 Certificate Validation Security Bypass Vulnerability
Cisco SD-WAN is prone to a security-bypass vulnerability.
An attacker can exploit this issue to perform man-in-the-middle attacks and perform certain unauthorized actions, which will aid in further attacks.
This issue is being tracked by Cisco Bug ID CSCvi69940.
Cisco SD-WAN is prone to a security-bypass vulnerability.
An attacker can exploit this issue to perform man-in-the-middle attacks and perform certain unauthorized actions, which will aid in further attacks.
This issue is being tracked by Cisco Bug ID CSCvi69940.
Exploit / POC
Cisco SD-WAN CVE-2018-0434 Certificate Validation Security Bypass Vulnerability
An attacker can use readily available tools to exploit this issue.
An attacker can use readily available tools to exploit this issue.