First published: Fri Sep 30 2022(Updated: )
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco SD-WAN | >=20.4.1<20.6.3 | |
Cisco SD-WAN | =20.3.4.1 | |
Cisco SD-WAN | =20.3.4.2 | |
Cisco SD-WAN | =20.3.5 | |
Cisco SD-WAN | =20.7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-20844 is a vulnerability in the authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage.
CVE-2022-20844 allows an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination.
Versions 20.3.4.1, 20.3.4.2, 20.3.5, 20.6.3, and 20.7.1 of Cisco SD-WAN are affected by CVE-2022-20844.
CVE-2022-20844 has a severity score of 5.3 (medium).
To fix CVE-2022-20844, Cisco SD-AVC users should apply the necessary updates and patches provided by Cisco.