Cisco SD-WAN CVE-2018-15387 Certificate Validation Security Bypass Vulnerability

Cisco SD-WAN is prone to a security-bypass vulnerability.

An attacker can exploit this issue to perform man-in-the-middle attacks and perform certain unauthorized actions, which will aid in further attacks.

This issue is being tracked by Cisco Bug ID CSCvk65292.

Information

Bugtraq ID: 105509
Class: Design Error
CVE: CVE-2018-15387

Remote: Yes
Local: No
Published: Oct 03 2018 12:00AM
Updated: Oct 03 2018 12:00AM
Credit: Joe Ksiazek
Vulnerable: Cisco vSmart Controller 0
Cisco vManage Network Management 0
Cisco vEdge Cloud Router 0
Cisco vEdge 5000 0
Cisco vEdge 2000 0
Cisco vEdge 1000 0
Cisco vEdge 100 Series Routers 0
Cisco SD-WAN 18.3
Cisco SD-WAN 0

Not Vulnerable: Cisco SD-WAN 18.3.1
Cisco SD-WAN 17.2.8

Exploit

An attacker can use readily available tools to exploit this issue.

References:

Cisco Homepage (Cisco)
Cisco SD-WAN Solution Certificate Validation Bypass Vulnerability (Cisco)

Source: www.securityfocus.com

Exploit Collector

Search Exploit