CVE-2019-1651

A vulnerability in the vContainer of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and execute arbitrary code as the root user. The vulnerability is due to improper bounds checking by the vContainer. An attacker could exploit this vulnerability by sending a malicious file to an affected vContainer instance. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected vContainer, which could result in a DoS condition that the attacker could use to execute arbitrary code as the root user.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:37

Type Values Removed Values Added
CVSS v2 : 9.0
v3 : 8.8
v2 : 9.0
v3 : 9.9
References () http://www.securityfocus.com/bid/106703 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/106703 - Third Party Advisory, VDB Entry
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-bo - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-bo - Vendor Advisory

Information

Published : 2019-01-24 15:29

Updated : 2024-11-21 04:37


NVD link : CVE-2019-1651

Mitre link : CVE-2019-1651

CVE.ORG link : CVE-2019-1651


JSON object : View

Products Affected

cisco

  • vsmart_controller
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer