A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager (CVE-2023-20034, CVE-2023-20252, CVE-2023-20253, CVE-2023-20254, CVE-2023-20262)

Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager (CVE-2023-20034, CVE-2023-20252, CVE-2023-20253, CVE-2023-20254, CVE-2023-20262)

Advisory No: TZCERT/SA/2023/09/28

Date of First Release: 28th September 2023

Source: CISCO

Software Affected:  Cisco Catalyst SD-WAN Manager

Overview:

Multiple independent vulnerabilities have been identified to affect multiple components in a Cisco device. These independent vulnerabilities which do not require exploitation of another vulnerability to be exploited may allow an attacker to compromise the confidentiality and availability of the affected system.

Description:

CVE-2023-20252: A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user.

CVE-2023-20253: A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with read-only privileges to bypass authorization and roll back controller configurations, which could then be deployed to the downstream routers.

CVE-2023-20034: A vulnerability in the access control implementation for Elasticsearch could allow the attacker to view the Elasticsearch database content as the Elasticsearch user.

CVE-2023-20254: A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant due to insufficient user session management allowing the attacker to access information about another tenant, make configuration changes, or possibly take a tenant offline and cause a DoS condition.

CVE-2023-20262: A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only.

Impact:

Successful exploitation of this vulnerability may allow the attacker to gain unauthorized access or cause a denial of service (DoS) condition.

Solution:

Cisco has released patches for these vulnerabilities. Users and administrators are encouraged to apply all necessary updates.

References:

  1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

Check Also

Remote Code Execution Vulnerabilities in IBM Operational Decision Manager, and IBM i Modernization Engine for Lifecycle Integration (CVE-2019-19919, CVE-2019-12384)

Advisory No: TZCERT/SA/2024/05/17-6 Date of First Release: 17th May 2024 Source: IBM Software Affected: IBM …