CNVD-2018-21254

Vulnerability from cnvd - Published: 2018-10-18
VLAI Severity ?
Title
Cisco SD-WAN证书验证安全绕过漏洞
Description
Cisco vEdge 100 Series Routers等都是美国思科(Cisco)公司的不同系列的路由器产品。SD-WAN Solution是运行在其中的一套网络扩展解决方案。 Cisco SD-WAN Solution 17.2.8之前版本和18.3.1之前版本中存在安全漏洞,该漏洞源于程序未能正确的验证证书。远程攻击者可通过向受影响的设备提交使用特制证书所签名的系统镜像利用该漏洞绕过证书检测,部署特制的系统镜像。
Severity
Patch Name
Cisco SD-WAN证书验证安全绕过漏洞的补丁
Patch Description
Cisco vEdge 100 Series Routers等都是美国思科(Cisco)公司的不同系列的路由器产品。SD-WAN Solution是运行在其中的一套网络扩展解决方案。 Cisco SD-WAN Solution 17.2.8之前版本和18.3.1之前版本中存在安全漏洞,该漏洞源于程序未能正确的验证证书。远程攻击者可通过向受影响的设备提交使用特制证书所签名的系统镜像利用该漏洞绕过证书检测,部署特制的系统镜像。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-sd-wan-bypass

Reference
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-sd-wan-bypass
Impacted products
Name
['Cisco vBond Orchestrator Software', 'Cisco vManage Network Management Software', 'Cisco vSmart Controller Software', 'Cisco vEdge Cloud Router Platform', 'Cisco vEdge 5000 Series Routers', 'Cisco vEdge 2000 Series Routers', 'Cisco vEdge 100 Series Routers']
Show details on source website
To clipboard 

{
  "bids": {
    "bid": {
      "bidNumber": "105509"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-15387"
    }
  },
  "description": "Cisco vEdge 100 Series Routers\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e0d\u540c\u7cfb\u5217\u7684\u8def\u7531\u5668\u4ea7\u54c1\u3002SD-WAN Solution\u662f\u8fd0\u884c\u5728\u5176\u4e2d\u7684\u4e00\u5957\u7f51\u7edc\u6269\u5c55\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCisco SD-WAN Solution 17.2.8\u4e4b\u524d\u7248\u672c\u548c18.3.1\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u9a8c\u8bc1\u8bc1\u4e66\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u63d0\u4ea4\u4f7f\u7528\u7279\u5236\u8bc1\u4e66\u6240\u7b7e\u540d\u7684\u7cfb\u7edf\u955c\u50cf\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8bc1\u4e66\u68c0\u6d4b\uff0c\u90e8\u7f72\u7279\u5236\u7684\u7cfb\u7edf\u955c\u50cf\u3002",
  "discovererName": "Joe Ksiazek",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-sd-wan-bypass",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-21254",
  "openTime": "2018-10-18",
  "patchDescription": "Cisco vEdge 100 Series Routers\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e0d\u540c\u7cfb\u5217\u7684\u8def\u7531\u5668\u4ea7\u54c1\u3002SD-WAN Solution\u662f\u8fd0\u884c\u5728\u5176\u4e2d\u7684\u4e00\u5957\u7f51\u7edc\u6269\u5c55\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCisco SD-WAN Solution 17.2.8\u4e4b\u524d\u7248\u672c\u548c18.3.1\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u9a8c\u8bc1\u8bc1\u4e66\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u63d0\u4ea4\u4f7f\u7528\u7279\u5236\u8bc1\u4e66\u6240\u7b7e\u540d\u7684\u7cfb\u7edf\u955c\u50cf\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8bc1\u4e66\u68c0\u6d4b\uff0c\u90e8\u7f72\u7279\u5236\u7684\u7cfb\u7edf\u955c\u50cf\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco SD-WAN\u8bc1\u4e66\u9a8c\u8bc1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco vBond Orchestrator Software",
      "Cisco vManage Network Management Software",
      "Cisco vSmart Controller Software",
      "Cisco vEdge Cloud Router Platform",
      "Cisco vEdge 5000 Series Routers",
      "Cisco vEdge 2000 Series Routers",
      "Cisco vEdge 100 Series Routers"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-sd-wan-bypass",
  "serverity": "\u9ad8",
  "submitTime": "2018-10-09",
  "title": "Cisco SD-WAN\u8bc1\u4e66\u9a8c\u8bc1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.