CVE-2023-20261
First published: Wed Oct 18 2023(Updated: )
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in to Cisco Catalyst SD-WAN Manager and issuing crafted requests using the web UI. A successful exploit could allow the attacker to obtain arbitrary files from the underlying Linux file system of an affected system. To exploit this vulnerability, the attacker must be an authenticated user.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Catalyst SD-WAN Manager | =17.2.4 | |
| Cisco Catalyst SD-WAN Manager | =17.2.5 | |
| Cisco Catalyst SD-WAN Manager | =17.2.6 | |
| Cisco Catalyst SD-WAN Manager | =17.2.7 | |
| Cisco Catalyst SD-WAN Manager | =17.2.8 | |
| Cisco Catalyst SD-WAN Manager | =17.2.9 | |
| Cisco Catalyst SD-WAN Manager | =17.2.10 | |
| Cisco Catalyst SD-WAN Manager | =18.2.0 | |
| Cisco Catalyst SD-WAN Manager | =18.3.0 | |
| Cisco Catalyst SD-WAN Manager | =18.3.1 | |
| Cisco Catalyst SD-WAN Manager | =18.3.1.1 | |
| Cisco Catalyst SD-WAN Manager | =18.3.3 | |
| Cisco Catalyst SD-WAN Manager | =18.3.3.1 | |
| Cisco Catalyst SD-WAN Manager | =18.3.4 | |
| Cisco Catalyst SD-WAN Manager | =18.3.5 | |
| Cisco Catalyst SD-WAN Manager | =18.3.6.1 | |
| Cisco Catalyst SD-WAN Manager | =18.3.7 | |
| Cisco Catalyst SD-WAN Manager | =18.3.8 | |
| Cisco Catalyst SD-WAN Manager | =18.4.0 | |
| Cisco Catalyst SD-WAN Manager | =18.4.0.1 | |
| Cisco Catalyst SD-WAN Manager | =18.4.1 | |
| Cisco Catalyst SD-WAN Manager | =18.4.3 | |
| Cisco Catalyst SD-WAN Manager | =18.4.4 | |
| Cisco Catalyst SD-WAN Manager | =18.4.5 | |
| Cisco Catalyst SD-WAN Manager | =18.4.6 | |
| Cisco Catalyst SD-WAN Manager | =18.4.302 | |
| Cisco Catalyst SD-WAN Manager | =18.4.303 | |
| Cisco Catalyst SD-WAN Manager | =19.1.0 | |
| Cisco Catalyst SD-WAN Manager | =19.2.0 | |
| Cisco Catalyst SD-WAN Manager | =19.2.1 | |
| Cisco Catalyst SD-WAN Manager | =19.2.2 | |
| Cisco Catalyst SD-WAN Manager | =19.2.3 | |
| Cisco Catalyst SD-WAN Manager | =19.2.4 | |
| Cisco Catalyst SD-WAN Manager | =19.2.31 | |
| Cisco Catalyst SD-WAN Manager | =19.2.097 | |
| Cisco Catalyst SD-WAN Manager | =19.2.099 | |
| Cisco Catalyst SD-WAN Manager | =19.2.929 | |
| Cisco Catalyst SD-WAN Manager | =19.3.0 | |
| Cisco Catalyst SD-WAN Manager | =20.1.1 | |
| Cisco Catalyst SD-WAN Manager | =20.1.1.1 | |
| Cisco Catalyst SD-WAN Manager | =20.1.2 | |
| Cisco Catalyst SD-WAN Manager | =20.1.3 | |
| Cisco Catalyst SD-WAN Manager | =20.1.12 | |
| Cisco Catalyst SD-WAN Manager | =20.3.1 | |
| Cisco Catalyst SD-WAN Manager | =20.3.2 | |
| Cisco Catalyst SD-WAN Manager | =20.3.2.1 | |
| Cisco Catalyst SD-WAN Manager | =20.3.3 | |
| Cisco Catalyst SD-WAN Manager | =20.3.3.1 | |
| Cisco Catalyst SD-WAN Manager | =20.3.4 | |
| Cisco Catalyst SD-WAN Manager | =20.3.4.1 | |
| Cisco Catalyst SD-WAN Manager | =20.3.4.2 | |
| Cisco Catalyst SD-WAN Manager | =20.3.4.3 | |
| Cisco Catalyst SD-WAN Manager | =20.3.5 | |
| Cisco Catalyst SD-WAN Manager | =20.3.5.1 | |
| Cisco Catalyst SD-WAN Manager | =20.3.6 | |
| Cisco Catalyst SD-WAN Manager | =20.3.7 | |
| Cisco Catalyst SD-WAN Manager | =20.3.7.1 | |
| Cisco Catalyst SD-WAN Manager | =20.3.7.2 | |
| Cisco Catalyst SD-WAN Manager | =20.3.8 | |
| Cisco Catalyst SD-WAN Manager | =20.4.1 | |
| Cisco Catalyst SD-WAN Manager | =20.4.1.1 | |
| Cisco Catalyst SD-WAN Manager | =20.4.1.2 | |
| Cisco Catalyst SD-WAN Manager | =20.4.2 | |
| Cisco Catalyst SD-WAN Manager | =20.4.2.1 | |
| Cisco Catalyst SD-WAN Manager | =20.4.2.2 | |
| Cisco Catalyst SD-WAN Manager | =20.4.2.3 | |
| Cisco Catalyst SD-WAN Manager | =20.5.1 | |
| Cisco Catalyst SD-WAN Manager | =20.5.1.1 | |
| Cisco Catalyst SD-WAN Manager | =20.5.1.2 | |
| Cisco Catalyst SD-WAN Manager | =20.6.1 | |
| Cisco Catalyst SD-WAN Manager | =20.6.1.1 | |
| Cisco Catalyst SD-WAN Manager | =20.6.1.2 | |
| Cisco Catalyst SD-WAN Manager | =20.6.2 | |
| Cisco Catalyst SD-WAN Manager | =20.6.2.1 | |
| Cisco Catalyst SD-WAN Manager | =20.6.2.2 | |
| Cisco Catalyst SD-WAN Manager | =20.6.3 | |
| Cisco Catalyst SD-WAN Manager | =20.6.3.0.45 | |
| Cisco Catalyst SD-WAN Manager | =20.6.3.0.46 | |
| Cisco Catalyst SD-WAN Manager | =20.6.3.0.47 | |
| Cisco Catalyst SD-WAN Manager | =20.6.3.1 | |
| Cisco Catalyst SD-WAN Manager | =20.6.3.2 | |
| Cisco Catalyst SD-WAN Manager | =20.6.3.3 | |
| Cisco Catalyst SD-WAN Manager | =20.6.3.4 | |
| Cisco Catalyst SD-WAN Manager | =20.6.4 | |
| Cisco Catalyst SD-WAN Manager | =20.6.4.0.21 | |
| Cisco Catalyst SD-WAN Manager | =20.6.4.1 | |
| Cisco Catalyst SD-WAN Manager | =20.6.4.2 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.1 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.1.7 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.1.9 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.1.10 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.1.11 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.1.13 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.2 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.2.4 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.2.8 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.4 | |
| Cisco Catalyst SD-WAN Manager | =20.6.5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-20261?
The severity of CVE-2023-20261 is classified as high due to its potential for authenticated remote attackers to retrieve arbitrary files.
How do I fix CVE-2023-20261?
To fix CVE-2023-20261, users should upgrade to the latest version of Cisco Catalyst SD-WAN Manager as recommended in Cisco's security advisory.
What versions of Cisco Catalyst SD-WAN Manager are affected by CVE-2023-20261?
CVE-2023-20261 affects Cisco Catalyst SD-WAN Manager versions 17.2.4 through 20.6.5.5.
Can CVE-2023-20261 be exploited without authentication?
No, CVE-2023-20261 requires the attacker to be authenticated to exploit the vulnerability and retrieve files.
What type of files can be retrieved due to CVE-2023-20261?
CVE-2023-20261 allows attackers to retrieve arbitrary files from the affected system, potentially exposing sensitive information.
- collector/nvd-index
- agent/type
- agent/author
- agent/softwarecombine
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/cisco
- canonical/cisco catalyst sd-wan manager
- version/cisco catalyst sd-wan manager/17.2.4
- version/cisco catalyst sd-wan manager/17.2.5
- version/cisco catalyst sd-wan manager/17.2.6
- version/cisco catalyst sd-wan manager/17.2.7
- version/cisco catalyst sd-wan manager/17.2.8
- version/cisco catalyst sd-wan manager/17.2.9
- version/cisco catalyst sd-wan manager/17.2.10
- version/cisco catalyst sd-wan manager/18.2.0
- version/cisco catalyst sd-wan manager/18.3.0
- version/cisco catalyst sd-wan manager/18.3.1
- version/cisco catalyst sd-wan manager/18.3.1.1
- version/cisco catalyst sd-wan manager/18.3.3
- version/cisco catalyst sd-wan manager/18.3.3.1
- version/cisco catalyst sd-wan manager/18.3.4
- version/cisco catalyst sd-wan manager/18.3.5
- version/cisco catalyst sd-wan manager/18.3.6.1
- version/cisco catalyst sd-wan manager/18.3.7
- version/cisco catalyst sd-wan manager/18.3.8
- version/cisco catalyst sd-wan manager/18.4.0
- version/cisco catalyst sd-wan manager/18.4.0.1
- version/cisco catalyst sd-wan manager/18.4.1
- version/cisco catalyst sd-wan manager/18.4.3
- version/cisco catalyst sd-wan manager/18.4.4
- version/cisco catalyst sd-wan manager/18.4.5
- version/cisco catalyst sd-wan manager/18.4.6
- version/cisco catalyst sd-wan manager/18.4.302
- version/cisco catalyst sd-wan manager/18.4.303
- version/cisco catalyst sd-wan manager/19.1.0
- version/cisco catalyst sd-wan manager/19.2.0
- version/cisco catalyst sd-wan manager/19.2.1
- version/cisco catalyst sd-wan manager/19.2.2
- version/cisco catalyst sd-wan manager/19.2.3
- version/cisco catalyst sd-wan manager/19.2.4
- version/cisco catalyst sd-wan manager/19.2.31
- version/cisco catalyst sd-wan manager/19.2.097
- version/cisco catalyst sd-wan manager/19.2.099
- version/cisco catalyst sd-wan manager/19.2.929
- version/cisco catalyst sd-wan manager/19.3.0
- version/cisco catalyst sd-wan manager/20.1.1
- version/cisco catalyst sd-wan manager/20.1.1.1
- version/cisco catalyst sd-wan manager/20.1.2
- version/cisco catalyst sd-wan manager/20.1.3
- version/cisco catalyst sd-wan manager/20.1.12
- version/cisco catalyst sd-wan manager/20.3.1
- version/cisco catalyst sd-wan manager/20.3.2
- version/cisco catalyst sd-wan manager/20.3.2.1
- version/cisco catalyst sd-wan manager/20.3.3
- version/cisco catalyst sd-wan manager/20.3.3.1
- version/cisco catalyst sd-wan manager/20.3.4
- version/cisco catalyst sd-wan manager/20.3.4.1
- version/cisco catalyst sd-wan manager/20.3.4.2
- version/cisco catalyst sd-wan manager/20.3.4.3
- version/cisco catalyst sd-wan manager/20.3.5
- version/cisco catalyst sd-wan manager/20.3.5.1
- version/cisco catalyst sd-wan manager/20.3.6
- version/cisco catalyst sd-wan manager/20.3.7
- version/cisco catalyst sd-wan manager/20.3.7.1
- version/cisco catalyst sd-wan manager/20.3.7.2
- version/cisco catalyst sd-wan manager/20.3.8
- version/cisco catalyst sd-wan manager/20.4.1
- version/cisco catalyst sd-wan manager/20.4.1.1
- version/cisco catalyst sd-wan manager/20.4.1.2
- version/cisco catalyst sd-wan manager/20.4.2
- version/cisco catalyst sd-wan manager/20.4.2.1
- version/cisco catalyst sd-wan manager/20.4.2.2
- version/cisco catalyst sd-wan manager/20.4.2.3
- version/cisco catalyst sd-wan manager/20.5.1
- version/cisco catalyst sd-wan manager/20.5.1.1
- version/cisco catalyst sd-wan manager/20.5.1.2
- version/cisco catalyst sd-wan manager/20.6.1
- version/cisco catalyst sd-wan manager/20.6.1.1
- version/cisco catalyst sd-wan manager/20.6.1.2
- version/cisco catalyst sd-wan manager/20.6.2
- version/cisco catalyst sd-wan manager/20.6.2.1
- version/cisco catalyst sd-wan manager/20.6.2.2
- version/cisco catalyst sd-wan manager/20.6.3
- version/cisco catalyst sd-wan manager/20.6.3.0.45
- version/cisco catalyst sd-wan manager/20.6.3.0.46
- version/cisco catalyst sd-wan manager/20.6.3.0.47
- version/cisco catalyst sd-wan manager/20.6.3.1
- version/cisco catalyst sd-wan manager/20.6.3.2
- version/cisco catalyst sd-wan manager/20.6.3.3
- version/cisco catalyst sd-wan manager/20.6.3.4
- version/cisco catalyst sd-wan manager/20.6.4
- version/cisco catalyst sd-wan manager/20.6.4.0.21
- version/cisco catalyst sd-wan manager/20.6.4.1
- version/cisco catalyst sd-wan manager/20.6.4.2
- version/cisco catalyst sd-wan manager/20.6.5
- version/cisco catalyst sd-wan manager/20.6.5.1
- version/cisco catalyst sd-wan manager/20.6.5.1.7
- version/cisco catalyst sd-wan manager/20.6.5.1.9
- version/cisco catalyst sd-wan manager/20.6.5.1.10
- version/cisco catalyst sd-wan manager/20.6.5.1.11
- version/cisco catalyst sd-wan manager/20.6.5.1.13
- version/cisco catalyst sd-wan manager/20.6.5.2
- version/cisco catalyst sd-wan manager/20.6.5.2.4
- version/cisco catalyst sd-wan manager/20.6.5.2.8
- version/cisco catalyst sd-wan manager/20.6.5.4
- version/cisco catalyst sd-wan manager/20.6.5.5