6.5

CVE-2023-20261

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system.

 This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in to Cisco Catalyst SD-WAN Manager and issuing crafted requests using the web UI. A successful exploit could allow the attacker to obtain arbitrary files from the underlying Linux file system of an affected system. To exploit this vulnerability, the attacker must be an authenticated user.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoCatalyst Sd-wan Manager Version17.2.4
CiscoCatalyst Sd-wan Manager Version17.2.5
CiscoCatalyst Sd-wan Manager Version17.2.6
CiscoCatalyst Sd-wan Manager Version17.2.7
CiscoCatalyst Sd-wan Manager Version17.2.8
CiscoCatalyst Sd-wan Manager Version17.2.9
CiscoCatalyst Sd-wan Manager Version17.2.10
CiscoCatalyst Sd-wan Manager Version18.2.0
CiscoCatalyst Sd-wan Manager Version18.3.0
CiscoCatalyst Sd-wan Manager Version18.3.1
CiscoCatalyst Sd-wan Manager Version18.3.1.1
CiscoCatalyst Sd-wan Manager Version18.3.3
CiscoCatalyst Sd-wan Manager Version18.3.3.1
CiscoCatalyst Sd-wan Manager Version18.3.4
CiscoCatalyst Sd-wan Manager Version18.3.5
CiscoCatalyst Sd-wan Manager Version18.3.6.1
CiscoCatalyst Sd-wan Manager Version18.3.7
CiscoCatalyst Sd-wan Manager Version18.3.8
CiscoCatalyst Sd-wan Manager Version18.4.0
CiscoCatalyst Sd-wan Manager Version18.4.0.1
CiscoCatalyst Sd-wan Manager Version18.4.1
CiscoCatalyst Sd-wan Manager Version18.4.3
CiscoCatalyst Sd-wan Manager Version18.4.4
CiscoCatalyst Sd-wan Manager Version18.4.5
CiscoCatalyst Sd-wan Manager Version18.4.6
CiscoCatalyst Sd-wan Manager Version18.4.302
CiscoCatalyst Sd-wan Manager Version18.4.303
CiscoCatalyst Sd-wan Manager Version19.1.0
CiscoCatalyst Sd-wan Manager Version19.2.0
CiscoCatalyst Sd-wan Manager Version19.2.1
CiscoCatalyst Sd-wan Manager Version19.2.2
CiscoCatalyst Sd-wan Manager Version19.2.3
CiscoCatalyst Sd-wan Manager Version19.2.4
CiscoCatalyst Sd-wan Manager Version19.2.31
CiscoCatalyst Sd-wan Manager Version19.2.097
CiscoCatalyst Sd-wan Manager Version19.2.099
CiscoCatalyst Sd-wan Manager Version19.2.929
CiscoCatalyst Sd-wan Manager Version19.3.0
CiscoCatalyst Sd-wan Manager Version20.1.1
CiscoCatalyst Sd-wan Manager Version20.1.1.1
CiscoCatalyst Sd-wan Manager Version20.1.2
CiscoCatalyst Sd-wan Manager Version20.1.3
CiscoCatalyst Sd-wan Manager Version20.1.12
CiscoCatalyst Sd-wan Manager Version20.3.1
CiscoCatalyst Sd-wan Manager Version20.3.2
CiscoCatalyst Sd-wan Manager Version20.3.2.1
CiscoCatalyst Sd-wan Manager Version20.3.3
CiscoCatalyst Sd-wan Manager Version20.3.3.1
CiscoCatalyst Sd-wan Manager Version20.3.4
CiscoCatalyst Sd-wan Manager Version20.3.4.1
CiscoCatalyst Sd-wan Manager Version20.3.4.2
CiscoCatalyst Sd-wan Manager Version20.3.4.3
CiscoCatalyst Sd-wan Manager Version20.3.5
CiscoCatalyst Sd-wan Manager Version20.3.5.1
CiscoCatalyst Sd-wan Manager Version20.3.6
CiscoCatalyst Sd-wan Manager Version20.3.7
CiscoCatalyst Sd-wan Manager Version20.3.7.1
CiscoCatalyst Sd-wan Manager Version20.3.7.2
CiscoCatalyst Sd-wan Manager Version20.3.8
CiscoCatalyst Sd-wan Manager Version20.4.1
CiscoCatalyst Sd-wan Manager Version20.4.1.1
CiscoCatalyst Sd-wan Manager Version20.4.1.2
CiscoCatalyst Sd-wan Manager Version20.4.2
CiscoCatalyst Sd-wan Manager Version20.4.2.1
CiscoCatalyst Sd-wan Manager Version20.4.2.2
CiscoCatalyst Sd-wan Manager Version20.4.2.3
CiscoCatalyst Sd-wan Manager Version20.5.1
CiscoCatalyst Sd-wan Manager Version20.5.1.1
CiscoCatalyst Sd-wan Manager Version20.5.1.2
CiscoCatalyst Sd-wan Manager Version20.6.1
CiscoCatalyst Sd-wan Manager Version20.6.1.1
CiscoCatalyst Sd-wan Manager Version20.6.1.2
CiscoCatalyst Sd-wan Manager Version20.6.2
CiscoCatalyst Sd-wan Manager Version20.6.2.1
CiscoCatalyst Sd-wan Manager Version20.6.2.2
CiscoCatalyst Sd-wan Manager Version20.6.3
CiscoCatalyst Sd-wan Manager Version20.6.3.0.45
CiscoCatalyst Sd-wan Manager Version20.6.3.0.46
CiscoCatalyst Sd-wan Manager Version20.6.3.0.47
CiscoCatalyst Sd-wan Manager Version20.6.3.1
CiscoCatalyst Sd-wan Manager Version20.6.3.2
CiscoCatalyst Sd-wan Manager Version20.6.3.3
CiscoCatalyst Sd-wan Manager Version20.6.3.4
CiscoCatalyst Sd-wan Manager Version20.6.4
CiscoCatalyst Sd-wan Manager Version20.6.4.0.21
CiscoCatalyst Sd-wan Manager Version20.6.4.1
CiscoCatalyst Sd-wan Manager Version20.6.4.2
CiscoCatalyst Sd-wan Manager Version20.6.5
CiscoCatalyst Sd-wan Manager Version20.6.5.1
CiscoCatalyst Sd-wan Manager Version20.6.5.1.7
CiscoCatalyst Sd-wan Manager Version20.6.5.1.9
CiscoCatalyst Sd-wan Manager Version20.6.5.1.10
CiscoCatalyst Sd-wan Manager Version20.6.5.1.11
CiscoCatalyst Sd-wan Manager Version20.6.5.1.13
CiscoCatalyst Sd-wan Manager Version20.6.5.2
CiscoCatalyst Sd-wan Manager Version20.6.5.2.4
CiscoCatalyst Sd-wan Manager Version20.6.5.2.8
CiscoCatalyst Sd-wan Manager Version20.6.5.4
CiscoCatalyst Sd-wan Manager Version20.6.5.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.323
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
psirt@cisco.com 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.