Cisco SD-WAN Software Vulnerability Discovered
CVE-2020-26071
Key Information
- Vendor
- Cisco
- Status
- Cisco Catalyst Sd-wan Manager
- Cisco Sd-wan Vcontainer
- Cisco Sd-wan Vedge Cloud
- Cisco Sd-wan Vedge Router
- Vendor
- CVE Published:
- 18 November 2024
Summary
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation for specific commands. An attacker could exploit this vulnerability by including crafted arguments to those specific commands. A successful exploit could allow the attacker to create or overwrite arbitrary files on the affected device, which could result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Affected Version(s)
Cisco Catalyst SD-WAN Manager = 20.1.12
Cisco Catalyst SD-WAN Manager = 19.2.1
Cisco Catalyst SD-WAN Manager = 18.4.4
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved