Hack networks using Cisco SD-WAN through SQL injection vulnerability

Another week is about to end, and with it comes another report of security flaws affecting Cisco products. This time, IT security risk assessment experts reported a critical vulnerability in the web user interface of the vManage software, which is part of the SD-WAN product; successful exploitation of this flaw would allow an authenticated remote threat actor to perform a SQL injection attack on the target system.

The report mentions that this vulnerability exists because the web user interface improperly validates SQL values. A malicious hacker could abuse this flaw by authenticating to the target application and sending malicious SQL queries to the vulnerable system. Successful exploitation of this security flaw would allow the threat actor to modify values on, or even return values from, the underlying database as well as the target system.

According to IT security risk assessment specialists, this SQL injection flaw affects Cisco SD-WAN vManage software versions prior to version 19.2.2. No workarounds that mitigate the risk of exploitation are known so far.

Cisco acknowledged the IT security risk assessment report and began working on the necessary fixes for this vulnerability. Shortly thereafter, the company announced the release of SD-WAN vManage version 19.2.2, which contains the mitigations needed for the vulnerability.
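A defender's check for the version boundary stated above, as an added example that is not from Cisco or the original report: it classifies a constructed inventory of vManage hosts against the 19.2.2 fix release. The host names, the inventory format and the rule that sends zero-padded or malformed version strings to manual review are assumptions.

```python
import re

FIXED = (19, 2, 2)  # first fixed vManage release named in the article

def classify(version: str) -> str:
    """Return 'vulnerable', 'patched' or 'review' for a reported version string."""
    text = version.strip()
    # Anything that is not 2-4 dotted numeric components needs a human to look at it.
    if not re.fullmatch(r"\d+(\.\d+){1,3}", text):
        return "review"
    parts = text.split(".")
    # Assumption: a zero-padded component (e.g. "19.2.097") may not order like a
    # plain integer, so it is never auto-classified as patched.
    if any(len(p) > 1 and p.startswith("0") for p in parts):
        return "review"
    nums = tuple(int(p) for p in parts)
    nums += (0,) * max(0, len(FIXED) - len(nums))  # "19.2" is treated as 19.2.0
    return "vulnerable" if nums < FIXED else "patched"

def audit(inventory):
    """Group host names by status; inventory is an iterable of (host, version)."""
    report = {"vulnerable": [], "patched": [], "review": []}
    for host, version in inventory:
        report[classify(version)].append(host)
    return {status: sorted(hosts) for status, hosts in report.items()}

# Constructed sample inventory (hypothetical hosts and versions, not real data).
SAMPLE_INVENTORY = [
    ("vmanage-lab-01", "18.4.4"),
    ("vmanage-dc-01", "19.2.1"),
    ("vmanage-dc-02", "19.2.2"),
    ("vmanage-dr-01", "20.1.1"),
    ("vmanage-br-01", "19.2.097"),
    ("vmanage-br-02", "unknown"),
    ("vmanage-br-03", " 19.2 "),
]

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{status:<10} {', '.join(hosts) or '-'}")
```

Here "patched" only means the host is at or above the 19.2.2 boundary for this one flaw; hosts in the "review" bucket should be checked by hand before being marked safe.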

Cisco receives dozens of reports on potential vulnerabilities each week, so the company releases updates consistently. The International Institute of Cyber Security (IICS) recommends that users of Cisco deployments remain alert to any new security warnings to prevent the exploitation of the latest security flaws.

System administrators should also do their part by verifying that devices have sufficient memory to install updates and that their hardware and software resources are compatible with the most recent versions released by tech companies. Maintaining constant communication with manufacturers is also recommended for system admins.