Security News > 2020 > March > Cisco Patches Several Vulnerabilities in SD-WAN Solution

Cisco Patches Several Vulnerabilities in SD-WAN Solution
2020-03-18 18:08

Cisco on Wednesday announced that it has patched a total of five vulnerabilities in its SD-WAN solution, including three that have been assigned a "High severity" rating.

The high-severity vulnerabilities - all of them reported to Cisco by Orange Group - are caused by insufficient input validation.

The security holes can impact several Cisco products if they are running an SD-WAN version prior to 19.2.2, including vBond Orchestrator, vEdge routers, vManage network management software, and vSmart controller software.

Julien Legras and Thomas Etrillard of Synacktiv informed Cisco that its SD-WAN vManage software is affected by a SQL injection and a cross-site scripting vulnerability.

Cisco says there is no evidence that these vulnerabilities have been exploited in malicious attacks.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/18HevsXgO5w/cisco-patches-several-vulnerabilities-sd-wan-solution

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751