Multiple vulnerabilities in Cisco SD-WAN vManage Software

1) Improper access control

EUVDB-ID: #VU48162

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-3592

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the web-based management interface. A remote authenticated attacker can send specially crafted HTTP requests and modify the configuration of an affected system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco SD-WAN vManage: 20.1

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanuafw-ZHkdGGEy

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Privilege Management

EUVDB-ID: #VU48165

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-3595

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management. A local user can escalate privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco SD-WAN: 18.3.0 - 20.3.0

Cisco SD-WAN vBond Orchestrator: All versions

Cisco SD-WAN vEdge Routers: All versions

Cisco SD-WAN vEdge Cloud Router: All versions

Cisco SD-WAN vManage: All versions

Cisco SD-WAN vSmart Controller: All versions

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepegr-4xynYLUj

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to open a a specially crafted file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Privilege Management

EUVDB-ID: #VU48167

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-3600

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to insufficient security controls on the CLI. A local user can escalate privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco SD-WAN: 18.3.0 - 20.3.0

Cisco SD-WAN vBond Orchestrator: All versions

Cisco SD-WAN vEdge Cloud Router: All versions

Cisco SD-WAN vEdge Routers: All versions

Cisco SD-WAN vManage: All versions

Cisco SD-WAN vSmart Controller: All versions

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepeshlg-tJghOQcA

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to open a a specially crafted file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Privilege Management

EUVDB-ID: #VU48168

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-3594

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management. A local user can provide specially crafted options to a specific command and escalate privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco SD-WAN: 18.3.0 - 20.3.0

Cisco SD-WAN vBond Orchestrator: All versions

Cisco SD-WAN vEdge Cloud Router: All versions

Cisco SD-WAN vEdge Routers: All versions

Cisco SD-WAN vManage: All versions

Cisco SD-WAN vSmart Controller: All versions

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepestd-8C3J9Vc

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to open a a specially crafted file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.