CVE-2019-1951Improper Input Validation in Cisco Sd-wan Solution

CWE-20Improper Input Validation7 documents5 sources
Severity
5.8MEDIUMNVD
EPSS
0.2%
top 53.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Sd-wan SolutionCisco Sd-wan Firmware
Timeline
PublishedAug 8
Latest updateMay 24

Description

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a target device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitra

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5cisco/cisco_sd-wan_solutionunspecified19.1.0

🔴Vulnerability Details

2
GHSA
GHSA-xpmg-vx7g-292w: A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic2022-05-24
CVEList
Cisco SD-WAN Solution Packet Filtering Bypass Vulnerability2019-08-08

📋Vendor Advisories

1
Cisco
Cisco SD-WAN Solution Packet Filtering Bypass Vulnerability2019-08-07

💬Community

3
Bugzilla
CVE-2019-11729 nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault2019-07-10
Bugzilla
CVE-2019-11719 nss: Out-of-bounds read when importing curve25519 private key2019-07-10
Bugzilla
CVE-2018-18508 nss: NULL pointer dereference in several CMS functions resulting in a denial of service2019-01-31
CVE-2019-1951 — Improper Input Validation in Cisco | cvebase