CVE-2018-0432

CVE-2018-0432: Cisco SD-WAN Solution Privilege Escalation Vulnerability

Vendor Cisco

Product Cisco SD-WAN Solution

Weakness CWE-264

Published October 5, 2018

Last update November 26, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the error reporting application configuration. An attacker could exploit this vulnerability by sending a crafted command to the error reporting feature. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.

Key dates

02Disclosure timeline

October 5, 2018 CVE published

November 26, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-0432

Related vulnerabilities

CVE-2018-0432: Cisco SD-WAN Solution Privilege Escalation Vulnerability

01Description

02Disclosure timeline

03References

04Related CVE