Lucene search
PRIOn knowledge basePRION:CVE-2022-20830HistoryOct 10, 2022 - 9:15 p.m.
Authentication flaw
2022-10-1021:15:00
PRIOn knowledge base
www.prio-n.com
4
cisco
authentication
vulnerability
gui
sd-avc
exploit
remote access
cloud installation
server installation
dns server
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses.
| CPE | Name | Operator | Version |
|---|---|---|---|
| catalyst_sd-wan_manager | ge | 20.4 | |
| catalyst_sd-wan_manager | lt | 20.6.1 | |
| catalyst_sd-wan_manager | eq | 20.7 | |
| sd-wan_vmanage | ge | 18.4 | |
| sd-wan_vmanage | lt | 20.3.4.1 |
Related
cisco
cisco
nvd
nvd
CVE-2022-20830
2022-10-10 21:15:10
cvelist
cvelist
cve
cve
CVE-2022-20830
2022-10-10 21:15:10
