Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
Vulnerability Description
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
Cisco Catalyst SD-WAN Manager和Cisco Catalyst SD-WAN Controller 授权问题漏洞
Vulnerability Description
Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage)和Cisco Catalyst SD-WAN Controller都是美国思科(Cisco)公司的产品。Cisco Catalyst SD-WAN Manager是一个高度可定制的仪表板。可简化和自动化 Cisco SD-WAN 的部署、配置、管理和操作。Cisco Catalyst SD-WAN Controller是一个安全策略控制面板。 Cisco Catalyst SD-WAN Manager和C
CVSS Information
N/A
Vulnerability Type
N/A