Description
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of the netadmin role. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability.
Scores
CVSS v3
9.8
EPSS
0.0006
EPSS Percentile
17.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-287
Status
published
Products (50)
cisco/catalyst_sd-wan_manager
20.12.6
cisco/catalyst_sd-wan_manager
< 20.9.8.2
Cisco/Cisco Catalyst SD-WAN Manager
17.2.10
Cisco/Cisco Catalyst SD-WAN Manager
17.2.4
Cisco/Cisco Catalyst SD-WAN Manager
17.2.5
Cisco/Cisco Catalyst SD-WAN Manager
17.2.6
Cisco/Cisco Catalyst SD-WAN Manager
17.2.7
Cisco/Cisco Catalyst SD-WAN Manager
17.2.8
Cisco/Cisco Catalyst SD-WAN Manager
17.2.9
Cisco/Cisco Catalyst SD-WAN Manager
18.2.0
... and 40 more
Published
Feb 25, 2026
Tracked Since
Feb 26, 2026