6 matches found
CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...
VulnCheck KEV: CVE-2026-20182
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...
Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager
CVE-2026‑20127 – Remote Authentication Bypass for Cisco Cataly...
CVE-2026-20127
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected syste...
CVE-2025-11192 Fabric Engine (VOSS) AutoSense Authentication Bypass
A vulnerability in Extreme Networks’ Fabric Engine VOSS before 9.3 was discovered. When SD-WAN AutoSense is enabled on a port, it may automatically configure fabric connectivity without validating ISIS authentication settings. The SD-WAN AutoSense implementation may be exploited by malicious acto...
PT-2025-41159
Name of the Vulnerable Software and Affected Versions Extreme Networks Fabric Engine VOSS versions prior to 9.3 Description A flaw exists in Extreme Networks’ Fabric Engine VOSS where, when SD-WAN AutoSense is enabled on a port, it may automatically configure fabric connectivity without validatin...