CVE-2019-16012
Published 2020-03-19
Priority P265 · high · 8.1 · CVSS 3.1
CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS: 54.25% (98.9th percentile)
A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_vmanage_software | — | — |
| cisco | sd-wan_firmware | < 19.2.2 | 19.2.2 |
| cisco | sd-wan_solution_vmanage | — | — |
Detection & IOCs (extracted from sources)
- Authenticated SQL injection via the vManage web UI — monitor for malicious SQL query patterns in HTTP requests sent to the Cisco SD-WAN vManage web interface by authenticated users
- The root cause is improper validation of SQL values in the web UI — focus detection on SQL metacharacters/injection payloads in parameters handled by the vManage web UI endpoints
- Track Cisco bug IDs CSCvr42496 and CSCvs49675 for patch status; unpatched vManage instances should be prioritised for monitoring
- Exploitation requires prior authentication — ensure vManage web UI access is restricted to trusted, authorised users and monitor for anomalous authenticated sessions preceding unusual database activity
- No workarounds exist for this vulnerability; patching is the only remediation path
- Successful exploitation can affect both the underlying database and the operating system, indicating potential for OS-level command execution beyond data exfiltration/modification
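CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
| nvd | v3.0 | 5.4 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
| nvd | v2.0 | 8.5 | HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:N |
| vendor_cisco | — | 5.4 | MEDIUM | — |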
Cisco
Cisco SD-WAN Solution vManage SQL Injection Vulnerability
vendor_cisco·2020-03-18·CVSS 5.4
CVE-2019-16012 [MEDIUM] CWE-77 Cisco SD-WAN Solution vManage SQL Injection Vulnerability
A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on, or return values from, the underlying database as well as the operating system.
There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-
Cisco
Cisco SD-WAN Solution vManage SQL Injection Vulnerability
vendor_cisco·CVSS 3.0
CVSS: 3.0
CWE: CWE-77
Bug IDs: CSCvr42496, CSCvs49675
GHSA
GHSA-2c85-mrfp-x4x7: A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks
ghsa_unreviewed·2022-05-24
CVE-2019-16012 [HIGH] CWE-77 GHSA-2c85-mrfp-x4x7: A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2020-03-19