A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system.
The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2023-08-04T20:51:55.199Z
Updated: 2024-08-04T15:49:07.107Z
Reserved: 2020-09-24T00:00:00.000Z
Link: CVE-2020-26065
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-08-04T21:15:10.640
Modified: 2024-01-25T17:15:14.010
Link: CVE-2020-26065
Redhat
No data.