cisco-sa-sdwan-avc-NddSGB8: Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability
First published: Wed Sep 28 2022(Updated: )
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-avc-NddSGB8
Credit: This vulnerability was found during the resolution a Cisco TAC support case
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SD-WAN vManage | =20.7<20.7.1>=20.4=20.5<=20.6<20.6.1>=18.3 and earlier=18.4=19.2=20.1<=20.3<20.3.4.120.3.5 | 20.7.1 20.6.1 20.3.4.120.3.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-sdwan-avc-NddSGB8?
The severity of the vulnerability cisco-sa-sdwan-avc-NddSGB8 is classified as high due to the potential for unauthenticated remote access.
How do I fix cisco-sa-sdwan-avc-NddSGB8?
To remediate the vulnerability cisco-sa-sdwan-avc-NddSGB8, upgrade to a fixed version of Cisco vManage as specified in the advisory.
Which versions of Cisco vManage are affected by cisco-sa-sdwan-avc-NddSGB8?
Versions of Cisco vManage including 18.3 and earlier, 20.4, 20.5, 20.6, and some specific 20.3 versions are affected by cisco-sa-sdwan-avc-NddSGB8.
Can cisco-sa-sdwan-avc-NddSGB8 be exploited remotely?
Yes, cisco-sa-sdwan-avc-NddSGB8 can be exploited remotely by an unauthenticated attacker to gain access to the GUI.
Is authentication required to exploit cisco-sa-sdwan-avc-NddSGB8?
No, authentication is not required to exploit the cisco-sa-sdwan-avc-NddSGB8 vulnerability as it allows unauthorized access.
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/severity
- agent/references
- agent/title
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco sd-wan vmanage
- version/cisco sd-wan vmanage/20.7
- version/cisco sd-wan vmanage/20.4
- version/cisco sd-wan vmanage/20.5
- version/cisco sd-wan vmanage/20.6
- version/cisco sd-wan vmanage/18.3 and earlier
- version/cisco sd-wan vmanage/18.4
- version/cisco sd-wan vmanage/19.2
- version/cisco sd-wan vmanage/20.1
- version/cisco sd-wan vmanage/20.3