Cisco vManage is a highly customizable control panel that simplifies and automates Cisco SD-WAN deployment, configuration, management and operations. An unauthorized access vulnerability exists in Cisco Catalyst SD-WAN Manager in versions 20.9.3.2 and 20.11.1.2. The vulnerability is due to failure to properly check the SAML API. An attacker could use this vulnerability to generate an authorization token sufficient to access the application.