Intrusion Prevention

Cisco.SD-WAN.Solution.vManage.SQL.Injection

Description

This indicates an attack attempt to exploit an SQL Injection Vulnerability in Cisco Systems SD-WAN Solution.
The vulnerability is due to lack of validation on a user supplied parameter potentially leading to SQL injection. A remote, authenticated attacker could exploit this vulnerability by sending crafted HTTP requests to the target server. Successful exploitation could result in the code execution under the security context of the database process.

Affected Products

Cisco Systems SD-WAN Solution prior to 19.2.2

Impact

System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200318-vmanage-cypher-inject

CVE References

CVE-2019-16012