CVE-2023-20254

Summary

A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled. This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco SD-WAN vManage17.2.6affected
CiscoCisco SD-WAN vManage17.2.7affected
CiscoCisco SD-WAN vManage17.2.8affected
CiscoCisco SD-WAN vManage17.2.9affected
CiscoCisco SD-WAN vManage17.2.10affected
CiscoCisco SD-WAN vManage17.2.4affected
CiscoCisco SD-WAN vManage17.2.5affected
CiscoCisco SD-WAN vManage18.3.1.1affected
CiscoCisco SD-WAN vManage18.3.3.1affected
CiscoCisco SD-WAN vManage18.3.3affected
CiscoCisco SD-WAN vManage18.3.4affected
CiscoCisco SD-WAN vManage18.3.5affected
CiscoCisco SD-WAN vManage18.3.7affected
CiscoCisco SD-WAN vManage18.3.8affected
CiscoCisco SD-WAN vManage18.3.6.1affected
CiscoCisco SD-WAN vManage18.3.1affected
CiscoCisco SD-WAN vManage18.3.0affected
CiscoCisco SD-WAN vManage18.4.0.1affected
CiscoCisco SD-WAN vManage18.4.3affected
CiscoCisco SD-WAN vManage18.4.302affected
CiscoCisco SD-WAN vManage18.4.303affected
CiscoCisco SD-WAN vManage18.4.4affected
CiscoCisco SD-WAN vManage18.4.5affected
CiscoCisco SD-WAN vManage18.4.0affected
CiscoCisco SD-WAN vManage18.4.1affected
CiscoCisco SD-WAN vManage18.4.6affected
CiscoCisco SD-WAN vManage19.2.0affected
CiscoCisco SD-WAN vManage19.2.097affected
CiscoCisco SD-WAN vManage19.2.099affected
CiscoCisco SD-WAN vManage19.2.1affected
CiscoCisco SD-WAN vManage19.2.2affected
CiscoCisco SD-WAN vManage19.2.3affected
CiscoCisco SD-WAN vManage19.2.31affected
CiscoCisco SD-WAN vManage19.2.929affected
CiscoCisco SD-WAN vManage19.2.4affected
CiscoCisco SD-WAN vManage20.1.1.1affected
CiscoCisco SD-WAN vManage20.1.12affected
CiscoCisco SD-WAN vManage20.1.1affected
CiscoCisco SD-WAN vManage20.1.2affected
CiscoCisco SD-WAN vManage20.1.3affected
CiscoCisco SD-WAN vManage19.3.0affected
CiscoCisco SD-WAN vManage19.1.0affected
CiscoCisco SD-WAN vManage18.2.0affected
CiscoCisco SD-WAN vManage20.3.1affected
CiscoCisco SD-WAN vManage20.3.2affected
CiscoCisco SD-WAN vManage20.3.2.1affected
CiscoCisco SD-WAN vManage20.3.3affected
CiscoCisco SD-WAN vManage20.3.3.1affected
CiscoCisco SD-WAN vManage20.3.4affected
CiscoCisco SD-WAN vManage20.3.4.1affected
CiscoCisco SD-WAN vManage20.3.4.2affected
CiscoCisco SD-WAN vManage20.3.5affected
CiscoCisco SD-WAN vManage20.3.6affected
CiscoCisco SD-WAN vManage20.3.7affected
CiscoCisco SD-WAN vManage20.3.7.1affected
CiscoCisco SD-WAN vManage20.3.4.3affected
CiscoCisco SD-WAN vManage20.3.5.1affected
CiscoCisco SD-WAN vManage20.3.7.2affected
CiscoCisco SD-WAN vManage20.4.1affected
CiscoCisco SD-WAN vManage20.4.1.1affected
CiscoCisco SD-WAN vManage20.4.1.2affected
CiscoCisco SD-WAN vManage20.4.2affected
CiscoCisco SD-WAN vManage20.4.2.2affected
CiscoCisco SD-WAN vManage20.4.2.1affected
CiscoCisco SD-WAN vManage20.4.2.3affected
CiscoCisco SD-WAN vManage20.5.1affected
CiscoCisco SD-WAN vManage20.5.1.2affected
CiscoCisco SD-WAN vManage20.5.1.1affected
CiscoCisco SD-WAN vManage20.6.1affected
CiscoCisco SD-WAN vManage20.6.1.1affected
CiscoCisco SD-WAN vManage20.6.2.1affected
CiscoCisco SD-WAN vManage20.6.2.2affected
CiscoCisco SD-WAN vManage20.6.2affected
CiscoCisco SD-WAN vManage20.6.3affected
CiscoCisco SD-WAN vManage20.6.3.1affected
CiscoCisco SD-WAN vManage20.6.1.2affected
CiscoCisco SD-WAN vManage20.6.3.2affected
CiscoCisco SD-WAN vManage20.6.3.3affected
CiscoCisco SD-WAN vManage20.6.3.0.45affected
CiscoCisco SD-WAN vManage20.6.3.0.46affected
CiscoCisco SD-WAN vManage20.6.3.0.47affected
CiscoCisco SD-WAN vManage20.7.1affected
CiscoCisco SD-WAN vManage20.7.1.1affected
CiscoCisco SD-WAN vManage20.7.2affected
CiscoCisco SD-WAN vManage20.8.1affected
CiscoCisco SD-WAN vManage20.9.1affected
CiscoCisco SD-WAN vManage20.9.2affected
CiscoCisco SD-WAN vManage20.9.2.1affected
CiscoCisco SD-WAN vManage20.9.3affected
CiscoCisco SD-WAN vManage20.9.3.1affected
CiscoCisco SD-WAN vManage20.9.2.3affected
CiscoCisco SD-WAN vManage20.9.3.0.12affected
CiscoCisco SD-WAN vManage20.9.3.0.16affected
CiscoCisco SD-WAN vManage20.9.3.0.17affected
CiscoCisco SD-WAN vManage20.9.3.0.18affected
CiscoCisco SD-WAN vManage20.9.3.0.20affected
CiscoCisco SD-WAN vManage20.9.3.0.21affected
CiscoCisco SD-WAN vManage20.9.3.0.23affected
CiscoCisco SD-WAN vManage20.10.1affected
CiscoCisco SD-WAN vManage20.10.1.1affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References