CVE-2024-20475

25.09.2024, 17:15

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.

Cross-site Scripting

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.4 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
cisco	CNA	6.4 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 25%

Vendor	Product	Version
cisco	catalyst_sd-wan_manager	20.6.0.18.3
cisco	catalyst_sd-wan_manager	20.6.0.18.4
cisco	catalyst_sd-wan_manager	20.6.1
cisco	catalyst_sd-wan_manager	20.6.1.0.1
cisco	catalyst_sd-wan_manager	20.6.1.1
cisco	catalyst_sd-wan_manager	20.6.1.2
cisco	catalyst_sd-wan_manager	20.6.2
cisco	catalyst_sd-wan_manager	20.6.2.0.4
cisco	catalyst_sd-wan_manager	20.6.2.1
cisco	catalyst_sd-wan_manager	20.6.2.2
cisco	catalyst_sd-wan_manager	20.6.2.2.2
cisco	catalyst_sd-wan_manager	20.6.2.2.3
cisco	catalyst_sd-wan_manager	20.6.2.2.4
cisco	catalyst_sd-wan_manager	20.6.2.2.7
cisco	catalyst_sd-wan_manager	20.6.3
cisco	catalyst_sd-wan_manager	20.6.3.0.2
cisco	catalyst_sd-wan_manager	20.6.3.0.5
cisco	catalyst_sd-wan_manager	20.6.3.0.7
cisco	catalyst_sd-wan_manager	20.6.3.0.10
cisco	catalyst_sd-wan_manager	20.6.3.0.11
cisco	catalyst_sd-wan_manager	20.6.3.0.14
cisco	catalyst_sd-wan_manager	20.6.3.0.18
cisco	catalyst_sd-wan_manager	20.6.3.0.19
cisco	catalyst_sd-wan_manager	20.6.3.0.23
cisco	catalyst_sd-wan_manager	20.6.3.0.25
cisco	catalyst_sd-wan_manager	20.6.3.0.27
cisco	catalyst_sd-wan_manager	20.6.3.0.29
cisco	catalyst_sd-wan_manager	20.6.3.0.33
cisco	catalyst_sd-wan_manager	20.6.3.0.39
cisco	catalyst_sd-wan_manager	20.6.3.0.40
cisco	catalyst_sd-wan_manager	20.6.3.0.47
cisco	catalyst_sd-wan_manager	20.6.3.0.51
cisco	catalyst_sd-wan_manager	20.6.3.1.1
cisco	catalyst_sd-wan_manager	20.6.3.2
cisco	catalyst_sd-wan_manager	20.6.3.3
cisco	catalyst_sd-wan_manager	20.6.3.4
cisco	catalyst_sd-wan_manager	20.6.4.0.19
cisco	catalyst_sd-wan_manager	20.6.4.1
cisco	catalyst_sd-wan_manager	20.6.5.1
cisco	catalyst_sd-wan_manager	20.6.5.1.5
cisco	catalyst_sd-wan_manager	20.6.5.1.7
cisco	catalyst_sd-wan_manager	20.6.5.1.10
cisco	catalyst_sd-wan_manager	20.6.5.1.11
cisco	catalyst_sd-wan_manager	20.6.5.1.14
cisco	catalyst_sd-wan_manager	20.6.5.2
cisco	catalyst_sd-wan_manager	20.6.5.2.3
cisco	catalyst_sd-wan_manager	20.6.5.2.4
cisco	catalyst_sd-wan_manager	20.6.5.4
cisco	catalyst_sd-wan_manager	20.6.6.0.1
cisco	catalyst_sd-wan_manager	20.6.7
cisco	catalyst_sd-wan_manager	20.7.1
cisco	catalyst_sd-wan_manager	20.7.1.0.2
cisco	catalyst_sd-wan_manager	20.7.1.1
cisco	catalyst_sd-wan_manager	20.7.1eft2:eft2
cisco	catalyst_sd-wan_manager	20.7.2
cisco	catalyst_sd-wan_manager	20.8.1
cisco	catalyst_sd-wan_manager	20.9.1_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.9.2.2
cisco	catalyst_sd-wan_manager	20.9.2.3
cisco	catalyst_sd-wan_manager	20.9.3
cisco	catalyst_sd-wan_manager	20.9.3.0.3
cisco	catalyst_sd-wan_manager	20.9.3.0.4
cisco	catalyst_sd-wan_manager	20.9.3.0.12
cisco	catalyst_sd-wan_manager	20.9.3.0.18
cisco	catalyst_sd-wan_manager	20.9.3.0.21
cisco	catalyst_sd-wan_manager	20.9.3.0.23
cisco	catalyst_sd-wan_manager	20.9.3.0.24
cisco	catalyst_sd-wan_manager	20.9.3.0.25
cisco	catalyst_sd-wan_manager	20.9.3.0.26
cisco	catalyst_sd-wan_manager	20.9.3_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.9.4
cisco	catalyst_sd-wan_manager	20.9.4.0.4
cisco	catalyst_sd-wan_manager	20.9.4.1
cisco	catalyst_sd-wan_manager	20.9.4.1.1
cisco	catalyst_sd-wan_manager	20.9.4.1.3
cisco	catalyst_sd-wan_manager	20.9.4.1_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.9.4_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.9.5
cisco	catalyst_sd-wan_manager	20.9.5.1
cisco	catalyst_sd-wan_manager	20.9.5.1_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.9.5.2_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.9.5_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.10.1
cisco	catalyst_sd-wan_manager	20.10.1.1
cisco	catalyst_sd-wan_manager	20.10.1.2
cisco	catalyst_sd-wan_manager	20.10.1_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.11.1
cisco	catalyst_sd-wan_manager	20.11.1.1
cisco	catalyst_sd-wan_manager	20.11.1.2
cisco	catalyst_sd-wan_manager	20.11.1_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.12.1
cisco	catalyst_sd-wan_manager	20.12.1_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.12.2
cisco	catalyst_sd-wan_manager	20.12.2_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.12.3
cisco	catalyst_sd-wan_manager	20.12.3.1
cisco	catalyst_sd-wan_manager	20.12.3_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.12.4
cisco	catalyst_sd-wan_manager	20.13.1
cisco	catalyst_sd-wan_manager	20.13.1_li_images:_li_images
cisco	catalyst_sd-wan_manager	20.14.1
cisco	catalyst_sd-wan_manager	20.14.1_li_images:_li_images

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd