CVE-2019-1647
Description
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers. The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by directly connecting to the exposed services. An exploit could allow the attacker to retrieve and modify critical system files.
Risk Information
Base Score
8.0
MODERATE
Vector
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.853
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco SD-WAN Solution Unauthorized Access Vulnerability For Cisco SD-WAN | NCM |
| Improper Access Control Vulnerability (CVE-2019-1647) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1705297 | Security Update for Cisco SD-WAN sdwan-20.4(0.55) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234