CVE-2023-20261

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system.

 This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in to Cisco Catalyst SD-WAN Manager and issuing crafted requests using the web UI. A successful exploit could allow the attacker to obtain arbitrary files from the underlying Linux file system of an affected system. To exploit this vulnerability, the attacker must be an authenticated user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
ciscoCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
ciscocatalyst_sd-wan_manager
17.2.4
ciscocatalyst_sd-wan_manager
17.2.5
ciscocatalyst_sd-wan_manager
17.2.6
ciscocatalyst_sd-wan_manager
17.2.7
ciscocatalyst_sd-wan_manager
17.2.8
ciscocatalyst_sd-wan_manager
17.2.9
ciscocatalyst_sd-wan_manager
17.2.10
ciscocatalyst_sd-wan_manager
18.2.0
ciscocatalyst_sd-wan_manager
18.3.0
ciscocatalyst_sd-wan_manager
18.3.1
ciscocatalyst_sd-wan_manager
18.3.1.1
ciscocatalyst_sd-wan_manager
18.3.3
ciscocatalyst_sd-wan_manager
18.3.3.1
ciscocatalyst_sd-wan_manager
18.3.4
ciscocatalyst_sd-wan_manager
18.3.5
ciscocatalyst_sd-wan_manager
18.3.6.1
ciscocatalyst_sd-wan_manager
18.3.7
ciscocatalyst_sd-wan_manager
18.3.8
ciscocatalyst_sd-wan_manager
18.4.0
ciscocatalyst_sd-wan_manager
18.4.0.1
ciscocatalyst_sd-wan_manager
18.4.1
ciscocatalyst_sd-wan_manager
18.4.3
ciscocatalyst_sd-wan_manager
18.4.4
ciscocatalyst_sd-wan_manager
18.4.5
ciscocatalyst_sd-wan_manager
18.4.6
ciscocatalyst_sd-wan_manager
18.4.302
ciscocatalyst_sd-wan_manager
18.4.303
ciscocatalyst_sd-wan_manager
19.1.0
ciscocatalyst_sd-wan_manager
19.2.0
ciscocatalyst_sd-wan_manager
19.2.1
ciscocatalyst_sd-wan_manager
19.2.2
ciscocatalyst_sd-wan_manager
19.2.3
ciscocatalyst_sd-wan_manager
19.2.4
ciscocatalyst_sd-wan_manager
19.2.31
ciscocatalyst_sd-wan_manager
19.2.097
ciscocatalyst_sd-wan_manager
19.2.099
ciscocatalyst_sd-wan_manager
19.2.929
ciscocatalyst_sd-wan_manager
19.3.0
ciscocatalyst_sd-wan_manager
20.1.1
ciscocatalyst_sd-wan_manager
20.1.1.1
ciscocatalyst_sd-wan_manager
20.1.2
ciscocatalyst_sd-wan_manager
20.1.3
ciscocatalyst_sd-wan_manager
20.1.12
ciscocatalyst_sd-wan_manager
20.3.1
ciscocatalyst_sd-wan_manager
20.3.2
ciscocatalyst_sd-wan_manager
20.3.2.1
ciscocatalyst_sd-wan_manager
20.3.3
ciscocatalyst_sd-wan_manager
20.3.3.1
ciscocatalyst_sd-wan_manager
20.3.4
ciscocatalyst_sd-wan_manager
20.3.4.1
ciscocatalyst_sd-wan_manager
20.3.4.2
ciscocatalyst_sd-wan_manager
20.3.4.3
ciscocatalyst_sd-wan_manager
20.3.5
ciscocatalyst_sd-wan_manager
20.3.5.1
ciscocatalyst_sd-wan_manager
20.3.6
ciscocatalyst_sd-wan_manager
20.3.7
ciscocatalyst_sd-wan_manager
20.3.7.1
ciscocatalyst_sd-wan_manager
20.3.7.2
ciscocatalyst_sd-wan_manager
20.3.8
ciscocatalyst_sd-wan_manager
20.4.1
ciscocatalyst_sd-wan_manager
20.4.1.1
ciscocatalyst_sd-wan_manager
20.4.1.2
ciscocatalyst_sd-wan_manager
20.4.2
ciscocatalyst_sd-wan_manager
20.4.2.1
ciscocatalyst_sd-wan_manager
20.4.2.2
ciscocatalyst_sd-wan_manager
20.4.2.3
ciscocatalyst_sd-wan_manager
20.5.1
ciscocatalyst_sd-wan_manager
20.5.1.1
ciscocatalyst_sd-wan_manager
20.5.1.2
ciscocatalyst_sd-wan_manager
20.6.1
ciscocatalyst_sd-wan_manager
20.6.1.1
ciscocatalyst_sd-wan_manager
20.6.1.2
ciscocatalyst_sd-wan_manager
20.6.2
ciscocatalyst_sd-wan_manager
20.6.2.1
ciscocatalyst_sd-wan_manager
20.6.2.2
ciscocatalyst_sd-wan_manager
20.6.3
ciscocatalyst_sd-wan_manager
20.6.3.0.45
ciscocatalyst_sd-wan_manager
20.6.3.0.46
ciscocatalyst_sd-wan_manager
20.6.3.0.47
ciscocatalyst_sd-wan_manager
20.6.3.1
ciscocatalyst_sd-wan_manager
20.6.3.2
ciscocatalyst_sd-wan_manager
20.6.3.3
ciscocatalyst_sd-wan_manager
20.6.3.4
ciscocatalyst_sd-wan_manager
20.6.4
ciscocatalyst_sd-wan_manager
20.6.4.0.21
ciscocatalyst_sd-wan_manager
20.6.4.1
ciscocatalyst_sd-wan_manager
20.6.4.2
ciscocatalyst_sd-wan_manager
20.6.5
ciscocatalyst_sd-wan_manager
20.6.5.1
ciscocatalyst_sd-wan_manager
20.6.5.1.7
ciscocatalyst_sd-wan_manager
20.6.5.1.9
ciscocatalyst_sd-wan_manager
20.6.5.1.10
ciscocatalyst_sd-wan_manager
20.6.5.1.11
ciscocatalyst_sd-wan_manager
20.6.5.1.13
ciscocatalyst_sd-wan_manager
20.6.5.2
ciscocatalyst_sd-wan_manager
20.6.5.2.4
ciscocatalyst_sd-wan_manager
20.6.5.2.8
ciscocatalyst_sd-wan_manager
20.6.5.4
ciscocatalyst_sd-wan_manager
20.6.5.5
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ciscosd-wan_vmanage
17.2.6
CNA
ciscosd-wan_vmanage
17.2.7
CNA
ciscosd-wan_vmanage
17.2.8
CNA
ciscosd-wan_vmanage
17.2.9
CNA
ciscosd-wan_vmanage
17.2.10
CNA
ciscosd-wan_vmanage
17.2.4
CNA
ciscosd-wan_vmanage
17.2.5
CNA
ciscosd-wan_vmanage
18.3.1.1
CNA
ciscosd-wan_vmanage
18.3.3.1
CNA
ciscosd-wan_vmanage
18.3.3
CNA
ciscosd-wan_vmanage
18.3.4
CNA
ciscosd-wan_vmanage
18.3.5
CNA
ciscosd-wan_vmanage
18.3.7
CNA
ciscosd-wan_vmanage
18.3.8
CNA
ciscosd-wan_vmanage
18.3.6.1
CNA
ciscosd-wan_vmanage
18.3.1
CNA
ciscosd-wan_vmanage
18.3.0
CNA
ciscosd-wan_vmanage
18.4.0.1
CNA
ciscosd-wan_vmanage
18.4.3
CNA
ciscosd-wan_vmanage
18.4.302
CNA
ciscosd-wan_vmanage
18.4.303
CNA
ciscosd-wan_vmanage
18.4.4
CNA
ciscosd-wan_vmanage
18.4.5
CNA
ciscosd-wan_vmanage
18.4.0
CNA
ciscosd-wan_vmanage
18.4.1
CNA
ciscosd-wan_vmanage
18.4.6
CNA
ciscosd-wan_vmanage
19.2.0
CNA
ciscosd-wan_vmanage
19.2.97
CNA
ciscosd-wan_vmanage
19.2.99
CNA
ciscosd-wan_vmanage
19.2.1
CNA
ciscosd-wan_vmanage
19.2.2
CNA
ciscosd-wan_vmanage
19.2.3
CNA
ciscosd-wan_vmanage
19.2.31
CNA
ciscosd-wan_vmanage
19.2.929
CNA
ciscosd-wan_vmanage
19.2.4
CNA
ciscosd-wan_vmanage
20.1.1.1
CNA
ciscosd-wan_vmanage
20.1.12
CNA
ciscosd-wan_vmanage
20.1.1
CNA
ciscosd-wan_vmanage
20.1.2
CNA
ciscosd-wan_vmanage
20.1.3
CNA
ciscosd-wan_vmanage
19.3.0
CNA
ciscosd-wan_vmanage
19.1.0
CNA
ciscosd-wan_vmanage
18.2.0
CNA
ciscosd-wan_vmanage
20.3.1
CNA
ciscosd-wan_vmanage
20.3.2
CNA
ciscosd-wan_vmanage
20.3.2.1
CNA
ciscosd-wan_vmanage
20.3.3
CNA
ciscosd-wan_vmanage
20.3.3.1
CNA
ciscosd-wan_vmanage
20.3.4
CNA
ciscosd-wan_vmanage
20.3.4.1
CNA
ciscosd-wan_vmanage
20.3.4.2
CNA
ciscosd-wan_vmanage
20.3.5
CNA
ciscosd-wan_vmanage
20.3.6
CNA
ciscosd-wan_vmanage
20.3.7
CNA
ciscosd-wan_vmanage
20.3.7.1
CNA
ciscosd-wan_vmanage
20.3.4.3
CNA
ciscosd-wan_vmanage
20.3.5.1
CNA
ciscosd-wan_vmanage
20.3.7.2
CNA
ciscosd-wan_vmanage
20.3.8
CNA
ciscosd-wan_vmanage
20.4.1
CNA
ciscosd-wan_vmanage
20.4.1.1
CNA
ciscosd-wan_vmanage
20.4.1.2
CNA
ciscosd-wan_vmanage
20.4.2
CNA
ciscosd-wan_vmanage
20.4.2.2
CNA
ciscosd-wan_vmanage
20.4.2.1
CNA
ciscosd-wan_vmanage
20.4.2.3
CNA
ciscosd-wan_vmanage
20.5.1
CNA
ciscosd-wan_vmanage
20.5.1.2
CNA
ciscosd-wan_vmanage
20.5.1.1
CNA
ciscosd-wan_vmanage
20.6.1
CNA
ciscosd-wan_vmanage
20.6.1.1
CNA
ciscosd-wan_vmanage
20.6.2.1
CNA
ciscosd-wan_vmanage
20.6.2.2
CNA
ciscosd-wan_vmanage
20.6.2
CNA
ciscosd-wan_vmanage
20.6.3
CNA
ciscosd-wan_vmanage
20.6.3.1
CNA
ciscosd-wan_vmanage
20.6.4
CNA
ciscosd-wan_vmanage
20.6.5
CNA
ciscosd-wan_vmanage
20.6.5.1
CNA
ciscosd-wan_vmanage
20.6.1.2
CNA
ciscosd-wan_vmanage
20.6.3.2
CNA
ciscosd-wan_vmanage
20.6.4.1
CNA
ciscosd-wan_vmanage
20.6.5.2
CNA
ciscosd-wan_vmanage
20.6.5.4
CNA
ciscosd-wan_vmanage
20.6.3.3
CNA
ciscosd-wan_vmanage
20.6.4.2
CNA
ciscosd-wan_vmanage
20.6.3.0.45
CNA
ciscosd-wan_vmanage
20.6.3.0.46
CNA
ciscosd-wan_vmanage
20.6.3.0.47
CNA
ciscosd-wan_vmanage
20.6.3.4
CNA
ciscosd-wan_vmanage
20.6.4.0.21
CNA
ciscosd-wan_vmanage
20.6.5.1.10
CNA
ciscosd-wan_vmanage
20.6.5.1.11
CNA
ciscosd-wan_vmanage
20.6.5.1.7
CNA
ciscosd-wan_vmanage
20.6.5.1.9
CNA
ciscosd-wan_vmanage
20.6.5.2.4
CNA
ciscosd-wan_vmanage
20.6.5.5
CNA
ciscosd-wan_vmanage
20.6.5.2.8
CNA
ciscosd-wan_vmanage
20.6.5.1.13
CNA
Common Weakness Enumeration
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-lfi-OWLbKUGe
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-lfi-OWLbKUGe