CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
41.6%
A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled.
This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | sd-wan_manager | * | cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:* |
[
{
"vendor": "Cisco",
"product": "Cisco SD-WAN vManage",
"versions": [
{
"version": "17.2.6",
"status": "affected"
},
{
"version": "17.2.7",
"status": "affected"
},
{
"version": "17.2.8",
"status": "affected"
},
{
"version": "17.2.9",
"status": "affected"
},
{
"version": "17.2.10",
"status": "affected"
},
{
"version": "17.2.4",
"status": "affected"
},
{
"version": "17.2.5",
"status": "affected"
},
{
"version": "18.3.1.1",
"status": "affected"
},
{
"version": "18.3.3.1",
"status": "affected"
},
{
"version": "18.3.3",
"status": "affected"
},
{
"version": "18.3.4",
"status": "affected"
},
{
"version": "18.3.5",
"status": "affected"
},
{
"version": "18.3.7",
"status": "affected"
},
{
"version": "18.3.8",
"status": "affected"
},
{
"version": "18.3.6.1",
"status": "affected"
},
{
"version": "18.3.1",
"status": "affected"
},
{
"version": "18.3.0",
"status": "affected"
},
{
"version": "18.4.0.1",
"status": "affected"
},
{
"version": "18.4.3",
"status": "affected"
},
{
"version": "18.4.302",
"status": "affected"
},
{
"version": "18.4.303",
"status": "affected"
},
{
"version": "18.4.4",
"status": "affected"
},
{
"version": "18.4.5",
"status": "affected"
},
{
"version": "18.4.0",
"status": "affected"
},
{
"version": "18.4.1",
"status": "affected"
},
{
"version": "18.4.6",
"status": "affected"
},
{
"version": "19.2.0",
"status": "affected"
},
{
"version": "19.2.097",
"status": "affected"
},
{
"version": "19.2.099",
"status": "affected"
},
{
"version": "19.2.1",
"status": "affected"
},
{
"version": "19.2.2",
"status": "affected"
},
{
"version": "19.2.3",
"status": "affected"
},
{
"version": "19.2.31",
"status": "affected"
},
{
"version": "19.2.929",
"status": "affected"
},
{
"version": "19.2.4",
"status": "affected"
},
{
"version": "20.1.1.1",
"status": "affected"
},
{
"version": "20.1.12",
"status": "affected"
},
{
"version": "20.1.1",
"status": "affected"
},
{
"version": "20.1.2",
"status": "affected"
},
{
"version": "20.1.3",
"status": "affected"
},
{
"version": "19.3.0",
"status": "affected"
},
{
"version": "19.1.0",
"status": "affected"
},
{
"version": "18.2.0",
"status": "affected"
},
{
"version": "20.3.1",
"status": "affected"
},
{
"version": "20.3.2",
"status": "affected"
},
{
"version": "20.3.2.1",
"status": "affected"
},
{
"version": "20.3.3",
"status": "affected"
},
{
"version": "20.3.3.1",
"status": "affected"
},
{
"version": "20.3.4",
"status": "affected"
},
{
"version": "20.3.4.1",
"status": "affected"
},
{
"version": "20.3.4.2",
"status": "affected"
},
{
"version": "20.3.5",
"status": "affected"
},
{
"version": "20.3.6",
"status": "affected"
},
{
"version": "20.3.7",
"status": "affected"
},
{
"version": "20.3.7.1",
"status": "affected"
},
{
"version": "20.3.4.3",
"status": "affected"
},
{
"version": "20.3.5.1",
"status": "affected"
},
{
"version": "20.3.7.2",
"status": "affected"
},
{
"version": "20.4.1",
"status": "affected"
},
{
"version": "20.4.1.1",
"status": "affected"
},
{
"version": "20.4.1.2",
"status": "affected"
},
{
"version": "20.4.2",
"status": "affected"
},
{
"version": "20.4.2.2",
"status": "affected"
},
{
"version": "20.4.2.1",
"status": "affected"
},
{
"version": "20.4.2.3",
"status": "affected"
},
{
"version": "20.5.1",
"status": "affected"
},
{
"version": "20.5.1.2",
"status": "affected"
},
{
"version": "20.5.1.1",
"status": "affected"
},
{
"version": "20.6.1",
"status": "affected"
},
{
"version": "20.6.1.1",
"status": "affected"
},
{
"version": "20.6.2.1",
"status": "affected"
},
{
"version": "20.6.2.2",
"status": "affected"
},
{
"version": "20.6.2",
"status": "affected"
},
{
"version": "20.6.3",
"status": "affected"
},
{
"version": "20.6.3.1",
"status": "affected"
},
{
"version": "20.6.1.2",
"status": "affected"
},
{
"version": "20.6.3.2",
"status": "affected"
},
{
"version": "20.6.3.3",
"status": "affected"
},
{
"version": "20.6.3.0.45",
"status": "affected"
},
{
"version": "20.6.3.0.46",
"status": "affected"
},
{
"version": "20.6.3.0.47",
"status": "affected"
},
{
"version": "20.7.1",
"status": "affected"
},
{
"version": "20.7.1.1",
"status": "affected"
},
{
"version": "20.7.2",
"status": "affected"
},
{
"version": "20.8.1",
"status": "affected"
},
{
"version": "20.9.1",
"status": "affected"
},
{
"version": "20.9.2",
"status": "affected"
},
{
"version": "20.9.2.1",
"status": "affected"
},
{
"version": "20.9.3",
"status": "affected"
},
{
"version": "20.9.3.1",
"status": "affected"
},
{
"version": "20.9.2.3",
"status": "affected"
},
{
"version": "20.9.3.0.12",
"status": "affected"
},
{
"version": "20.9.3.0.16",
"status": "affected"
},
{
"version": "20.9.3.0.17",
"status": "affected"
},
{
"version": "20.9.3.0.18",
"status": "affected"
},
{
"version": "20.9.3.0.20",
"status": "affected"
},
{
"version": "20.9.3.0.21",
"status": "affected"
},
{
"version": "20.9.3.0.23",
"status": "affected"
},
{
"version": "20.10.1",
"status": "affected"
},
{
"version": "20.10.1.1",
"status": "affected"
}
]
}
]
More