cisco-sa-sdwan-vmanage-wfnqmYhN: Cisco SD-WAN vManage Software Arbitrary File Deletion Vulnerability
First published: Wed Apr 19 2023(Updated: )
A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files.This vulnerability is due to improper filtering of directory traversal character sequences within system commands. An attacker with administrative
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco SD-WAN vManage |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-sdwan-vmanage-wfnqmYhN?
The severity of the vulnerability cisco-sa-sdwan-vmanage-wfnqmYhN is considered to be high.
How do I fix cisco-sa-sdwan-vmanage-wfnqmYhN?
To fix cisco-sa-sdwan-vmanage-wfnqmYhN, you should upgrade to the patched version of Cisco SD-WAN vManage Software as specified in the security advisory.
Who is affected by cisco-sa-sdwan-vmanage-wfnqmYhN?
Organizations using Cisco SD-WAN vManage Software are affected by the vulnerability cisco-sa-sdwan-vmanage-wfnqmYhN.
What type of attack vector is utilized in cisco-sa-sdwan-vmanage-wfnqmYhN?
The vulnerability cisco-sa-sdwan-vmanage-wfnqmYhN can be exploited by an authenticated, local attacker through directory traversal.
What are the potential impacts of cisco-sa-sdwan-vmanage-wfnqmYhN?
The potential impacts of cisco-sa-sdwan-vmanage-wfnqmYhN include unauthorized file deletions which could lead to system disruption.
- collector/cisco-recent
- agent/type
- agent/event
- agent/last-modified-date
- agent/severity
- agent/references
- agent/weakness
- agent/title
- agent/first-publish-date
- agent/description
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco sd-wan vmanage