Lucene search

China National Vulnerability DatabaseCNVD-2023-80114

HistoryOct 07, 2023 - 12:00 a.m.

Cisco Catalyst SD-WAN Manager Authorization Bypass Vulnerability

2023-10-0700:00:00

China National Vulnerability Database

www.cnvd.org.cn

cisco

catalyst

sd-wan

manager

authorization

bypass

vulnerability

session management

multi-tenant

remote attacker

sensitive information

cnvd

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

35.9%

JSON

Cisco Catalyst SD-WAN Manager is an SD-WAN network management program from Cisco (USA). A security vulnerability exists in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature, which can be exploited by a remote attacker to submit a special request for unauthorized circle access to the system, obtain sensitive information, and more.

CPENameOperatorVersion
cisco catalyst sd-wan manager <20.eq6.3.4
cisco catalyst sd-wan manager >=20.7，<20.eq9.3.2
cisco catalyst sd-wan manager >=20.10，<20.eq10.1.2
cisco catalyst sd-wan manager >=20.11，<20.eq11.1.2

Name	Operator	Version
cisco catalyst sd-wan manager <20.	eq	6.3.4
cisco catalyst sd-wan manager >=20.7，<20.	eq	9.3.2
cisco catalyst sd-wan manager >=20.10，<20.	eq	10.1.2
cisco catalyst sd-wan manager >=20.11，<20.	eq	11.1.2