cisco-sa-sdavc-ZA5fpXX2: Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password Vulnerability
First published: Wed Sep 28 2022(Updated: )
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdavc-ZA5fpXX2
Credit: This vulnerability was found during the resolution a Cisco TAC support case
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SD-WAN vManage | =20.9<20.9.1=20.8<20.8.11=20.7<20.7.21>=18.3 and earlier=18.4=19.2=20.1=20.3.2 through 20.3.4=20.3.4.120.3.4.220.3.5=20.4=20.5<=20.6<20.6.31 | 20.9.1 20.8.11 20.7.21 20.6.31 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-sdavc-ZA5fpXX2?
The severity of cisco-sa-sdavc-ZA5fpXX2 is classified as critical due to the potential for unauthorized access.
How do I fix cisco-sa-sdavc-ZA5fpXX2?
To fix cisco-sa-sdavc-ZA5fpXX2, upgrade to an unaffected version of Cisco vManage as specified in the advisory.
Which versions of Cisco vManage are affected by cisco-sa-sdavc-ZA5fpXX2?
Affected versions by cisco-sa-sdavc-ZA5fpXX2 include various releases from 18.3 to 20.9.1.
What type of attack can exploit cisco-sa-sdavc-ZA5fpXX2?
cisco-sa-sdavc-ZA5fpXX2 can be exploited by unauthenticated remote attackers gaining GUI access.
Is there a workaround for cisco-sa-sdavc-ZA5fpXX2?
There are no known workarounds for mitigating the cisco-sa-sdavc-ZA5fpXX2 vulnerability.
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/title
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco sd-wan vmanage
- version/cisco sd-wan vmanage/20.9
- version/cisco sd-wan vmanage/20.8
- version/cisco sd-wan vmanage/20.7
- version/cisco sd-wan vmanage/18.3 and earlier
- version/cisco sd-wan vmanage/18.4
- version/cisco sd-wan vmanage/19.2
- version/cisco sd-wan vmanage/20.1
- version/cisco sd-wan vmanage/20.3.2 through 20.3.4
- version/cisco sd-wan vmanage/20.3.4.120.3.4.220.3.5
- version/cisco sd-wan vmanage/20.4
- version/cisco sd-wan vmanage/20.5
- version/cisco sd-wan vmanage/20.6