Cisco SD-WAN vManage Unauthenticated REST API Access Vulnerability
|
System information
|
| |
|
|
Affected software |
Cisco |
Description
|
A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance. This vulnerability is due to insufficient request validation when using the REST API feature. An attacker could exploit this vulnerability by sending a crafted API request to an affected vManage instance. A successful
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-unauthapi-sphCLYPA?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20SD-WAN%20vManage%20Unauthenticated%20REST%20API%20Access%20Vulnerability&vs_k=1 |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2023-20214. |
