Security News > 2019 > January > Cisco fixes security holes in SD-WAN, Webex, Small Business routers

Cisco fixes security holes in SD-WAN, Webex, Small Business routers
2019-01-24 09:58

Cisco has fixed a heap of security holes in a variety of its products, including a critical one affecting its SD-WAN Solution. Cisco SD-WAN vulnerabilities The most critical among the flaws fixed are a buffer overflow vulnerability (CVE-2019-1651) and a high risk unauthorized access flaw (CVE-2019-1647) affecting any Cisco vSmart Controller Software versions running a release of the Cisco SD-WAN Solution prior to 18.4.0. CVE-2019-1651 could be exploited by sending a malicious file to an … More → The post Cisco fixes security holes in SD-WAN, Webex, Small Business routers appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/BqmZQM2dJt8/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-01-24 CVE-2019-1647 Improper Access Control vulnerability in Cisco Sd-Wan and Vsmart Controller
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers.
low complexity
cisco CWE-284
8.0
2019-01-24 CVE-2019-1651 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Vsmart Controller
A vulnerability in the vContainer of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and execute arbitrary code as the root user.
network
low complexity
cisco CWE-119
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1771 1669 288 3749