CVE-2023-20254 - Vulnerability Details

A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled. This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation None

Automatable No

Technical Impact Total

Vendors	Products
Cisco	Catalyst Sd-wan Manager Sd-wan Manager

Configuration 1 [-]

OR	cpe:2.3:a:cisco:sd-wan_manager::::::::
	cpe:2.3:a:cisco:sd-wan_manager::::::::
	cpe:2.3:a:cisco:sd-wan_manager::::::::
	cpe:2.3:a:cisco:sd-wan_manager::::::::

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

History

Wed, 23 Oct 2024 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco catalyst Sd-wan Manager
CPEs		cpe:2.3:a:cisco:catalyst_sd-wan_manager::::::::
Vendors & Products		Cisco catalyst Sd-wan Manager
Metrics		ssvc `{'options': {'Automatable': 'No', 'Exploitation': 'None', 'Technical Impact': 'Total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2023-09-27T17:11:23.280Z

Updated: 2024-10-23T19:39:16.225Z

Reserved: 2022-10-27T18:47:50.372Z

Link: CVE-2023-20254

Vulnrichment

Updated: 2024-08-02T09:05:36.889Z

NVD

Status : Modified

Published: 2023-09-27T18:15:11.690

Modified: 2024-11-21T07:41:00.253

Link: CVE-2023-20254

Redhat

No data.

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20254", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2022-10-27T18:47:50.372Z", "datePublished": "2023-09-27T17:11:23.280Z", "dateUpdated": "2024-10-23T19:39:16.225Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-01-25T16:58:33.089Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled.\r\n\r This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition."}], "affected": [{"vendor": "Cisco", "product": "Cisco SD-WAN vManage", "versions": [{"version": "17.2.6", "status": "affected"}, {"version": "17.2.7", "status": "affected"}, {"version": "17.2.8", "status": "affected"}, {"version": "17.2.9", "status": "affected"}, {"version": "17.2.10", "status": "affected"}, {"version": "17.2.4", "status": "affected"}, {"version": "17.2.5", "status": "affected"}, {"version": "18.3.1.1", "status": "affected"}, {"version": "18.3.3.1", "status": "affected"}, {"version": "18.3.3", "status": "affected"}, {"version": "18.3.4", "status": "affected"}, {"version": "18.3.5", "status": "affected"}, {"version": "18.3.7", "status": "affected"}, {"version": "18.3.8", "status": "affected"}, {"version": "18.3.6.1", "status": "affected"}, {"version": "18.3.1", "status": "affected"}, {"version": "18.3.0", "status": "affected"}, {"version": "18.4.0.1", "status": "affected"}, {"version": "18.4.3", "status": "affected"}, {"version": "18.4.302", "status": "affected"}, {"version": "18.4.303", "status": "affected"}, {"version": "18.4.4", "status": "affected"}, {"version": "18.4.5", "status": "affected"}, {"version": "18.4.0", "status": "affected"}, {"version": "18.4.1", "status": "affected"}, {"version": "18.4.6", "status": "affected"}, {"version": "19.2.0", "status": "affected"}, {"version": "19.2.097", "status": "affected"}, {"version": "19.2.099", "status": "affected"}, {"version": "19.2.1", "status": "affected"}, {"version": "19.2.2", "status": "affected"}, {"version": "19.2.3", "status": "affected"}, {"version": "19.2.31", "status": "affected"}, {"version": "19.2.929", "status": "affected"}, {"version": "19.2.4", "status": "affected"}, {"version": "20.1.1.1", "status": "affected"}, {"version": "20.1.12", "status": "affected"}, {"version": "20.1.1", "status": "affected"}, {"version": "20.1.2", "status": "affected"}, {"version": "20.1.3", "status": "affected"}, {"version": "19.3.0", "status": "affected"}, {"version": "19.1.0", "status": "affected"}, {"version": "18.2.0", "status": "affected"}, {"version": "20.3.1", "status": "affected"}, {"version": "20.3.2", "status": "affected"}, {"version": "20.3.2.1", "status": "affected"}, {"version": "20.3.3", "status": "affected"}, {"version": "20.3.3.1", "status": "affected"}, {"version": "20.3.4", "status": "affected"}, {"version": "20.3.4.1", "status": "affected"}, {"version": "20.3.4.2", "status": "affected"}, {"version": "20.3.5", "status": "affected"}, {"version": "20.3.6", "status": "affected"}, {"version": "20.3.7", "status": "affected"}, {"version": "20.3.7.1", "status": "affected"}, {"version": "20.3.4.3", "status": "affected"}, {"version": "20.3.5.1", "status": "affected"}, {"version": "20.3.7.2", "status": "affected"}, {"version": "20.4.1", "status": "affected"}, {"version": "20.4.1.1", "status": "affected"}, {"version": "20.4.1.2", "status": "affected"}, {"version": "20.4.2", "status": "affected"}, {"version": "20.4.2.2", "status": "affected"}, {"version": "20.4.2.1", "status": "affected"}, {"version": "20.4.2.3", "status": "affected"}, {"version": "20.5.1", "status": "affected"}, {"version": "20.5.1.2", "status": "affected"}, {"version": "20.5.1.1", "status": "affected"}, {"version": "20.6.1", "status": "affected"}, {"version": "20.6.1.1", "status": "affected"}, {"version": "20.6.2.1", "status": "affected"}, {"version": "20.6.2.2", "status": "affected"}, {"version": "20.6.2", "status": "affected"}, {"version": "20.6.3", "status": "affected"}, {"version": "20.6.3.1", "status": "affected"}, {"version": "20.6.1.2", "status": "affected"}, {"version": "20.6.3.2", "status": "affected"}, {"version": "20.6.3.3", "status": "affected"}, {"version": "20.6.3.0.45", "status": "affected"}, {"version": "20.6.3.0.46", "status": "affected"}, {"version": "20.6.3.0.47", "status": "affected"}, {"version": "20.7.1", "status": "affected"}, {"version": "20.7.1.1", "status": "affected"}, {"version": "20.7.2", "status": "affected"}, {"version": "20.8.1", "status": "affected"}, {"version": "20.9.1", "status": "affected"}, {"version": "20.9.2", "status": "affected"}, {"version": "20.9.2.1", "status": "affected"}, {"version": "20.9.3", "status": "affected"}, {"version": "20.9.3.1", "status": "affected"}, {"version": "20.9.2.3", "status": "affected"}, {"version": "20.9.3.0.12", "status": "affected"}, {"version": "20.9.3.0.16", "status": "affected"}, {"version": "20.9.3.0.17", "status": "affected"}, {"version": "20.9.3.0.18", "status": "affected"}, {"version": "20.9.3.0.20", "status": "affected"}, {"version": "20.9.3.0.21", "status": "affected"}, {"version": "20.9.3.0.23", "status": "affected"}, {"version": "20.10.1", "status": "affected"}, {"version": "20.10.1.1", "status": "affected"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z", "name": "cisco-sa-sdwan-vman-sc-LRLfu2z"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "source": {"advisory": "cisco-sa-sdwan-vman-sc-LRLfu2z", "discovery": "INTERNAL", "defects": ["CSCwf68936", "CSCwf55823"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:36.889Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z", "name": "cisco-sa-sdwan-vman-sc-LRLfu2z", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "cisco", "product": "catalyst_sd-wan_manager", "cpes": ["cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "17.2.10", "status": "affected", "lessThanOrEqual": "20.9.3.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2023-11-15T16:37:43.965360Z", "id": "CVE-2023-20254", "options": [{"Exploitation": "None"}, {"Automatable": "No"}, {"Technical Impact": "Total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-23T19:39:16.225Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-20254 (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

state : PUBLISHED (string)

assignerShortName : cisco (string)

dateReserved : 2022-10-27T18:47:50.372Z (string)

datePublished : 2023-09-27T17:11:23.280Z (string)

dateUpdated : 2024-10-23T19:39:16.225Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-01-25T16:58:33.089Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled. This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition. (string)

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco SD-WAN vManage (string)

versions : [ »

0 : { »

version : 17.2.6 (string)

status : affected (string)

}

1 : { »

version : 17.2.7 (string)

status : affected (string)

}

2 : { »

version : 17.2.8 (string)

status : affected (string)

}

3 : { »

version : 17.2.9 (string)

status : affected (string)

}

4 : { »

version : 17.2.10 (string)

status : affected (string)

}

5 : { »

version : 17.2.4 (string)

status : affected (string)

}

6 : { »

version : 17.2.5 (string)

status : affected (string)

}

7 : { »

version : 18.3.1.1 (string)

status : affected (string)

}

8 : { »

version : 18.3.3.1 (string)

status : affected (string)

}

9 : { »

version : 18.3.3 (string)

status : affected (string)

}

10 : { »

version : 18.3.4 (string)

status : affected (string)

}

11 : { »

version : 18.3.5 (string)

status : affected (string)

}

12 : { »

version : 18.3.7 (string)

status : affected (string)

}

13 : { »

version : 18.3.8 (string)

status : affected (string)

}

14 : { »

version : 18.3.6.1 (string)

status : affected (string)

}

15 : { »

version : 18.3.1 (string)

status : affected (string)

}

16 : { »

version : 18.3.0 (string)

status : affected (string)

}

17 : { »

version : 18.4.0.1 (string)

status : affected (string)

}

18 : { »

version : 18.4.3 (string)

status : affected (string)

}

19 : { »

version : 18.4.302 (string)

status : affected (string)

}

20 : { »

version : 18.4.303 (string)

status : affected (string)

}

21 : { »

version : 18.4.4 (string)

status : affected (string)

}

22 : { »

version : 18.4.5 (string)

status : affected (string)

}

23 : { »

version : 18.4.0 (string)

status : affected (string)

}

24 : { »

version : 18.4.1 (string)

status : affected (string)

}

25 : { »

version : 18.4.6 (string)

status : affected (string)

}

26 : { »

version : 19.2.0 (string)

status : affected (string)

}

27 : { »

version : 19.2.097 (string)

status : affected (string)

}

28 : { »

version : 19.2.099 (string)

status : affected (string)

}

29 : { »

version : 19.2.1 (string)

status : affected (string)

}

30 : { »

version : 19.2.2 (string)

status : affected (string)

}

31 : { »

version : 19.2.3 (string)

status : affected (string)

}

32 : { »

version : 19.2.31 (string)

status : affected (string)

}

33 : { »

version : 19.2.929 (string)

status : affected (string)

}

34 : { »

version : 19.2.4 (string)

status : affected (string)

}

35 : { »

version : 20.1.1.1 (string)

status : affected (string)

}

36 : { »

version : 20.1.12 (string)

status : affected (string)

}

37 : { »

version : 20.1.1 (string)

status : affected (string)

}

38 : { »

version : 20.1.2 (string)

status : affected (string)

}

39 : { »

version : 20.1.3 (string)

status : affected (string)

}

40 : { »

version : 19.3.0 (string)

status : affected (string)

}

41 : { »

version : 19.1.0 (string)

status : affected (string)

}

42 : { »

version : 18.2.0 (string)

status : affected (string)

}

43 : { »

version : 20.3.1 (string)

status : affected (string)

}

44 : { »

version : 20.3.2 (string)

status : affected (string)

}

45 : { »

version : 20.3.2.1 (string)

status : affected (string)

}

46 : { »

version : 20.3.3 (string)

status : affected (string)

}

47 : { »

version : 20.3.3.1 (string)

status : affected (string)

}

48 : { »

version : 20.3.4 (string)

status : affected (string)

}

49 : { »

version : 20.3.4.1 (string)

status : affected (string)

}

50 : { »

version : 20.3.4.2 (string)

status : affected (string)

}

51 : { »

version : 20.3.5 (string)

status : affected (string)

}

52 : { »

version : 20.3.6 (string)

status : affected (string)

}

53 : { »

version : 20.3.7 (string)

status : affected (string)

}

54 : { »

version : 20.3.7.1 (string)

status : affected (string)

}

55 : { »

version : 20.3.4.3 (string)

status : affected (string)

}

56 : { »

version : 20.3.5.1 (string)

status : affected (string)

}

57 : { »

version : 20.3.7.2 (string)

status : affected (string)

}

58 : { »

version : 20.4.1 (string)

status : affected (string)

}

59 : { »

version : 20.4.1.1 (string)

status : affected (string)

}

60 : { »

version : 20.4.1.2 (string)

status : affected (string)

}

61 : { »

version : 20.4.2 (string)

status : affected (string)

}

62 : { »

version : 20.4.2.2 (string)

status : affected (string)

}

63 : { »

version : 20.4.2.1 (string)

status : affected (string)

}

64 : { »

version : 20.4.2.3 (string)

status : affected (string)

}

65 : { »

version : 20.5.1 (string)

status : affected (string)

}

66 : { »

version : 20.5.1.2 (string)

status : affected (string)

}

67 : { »

version : 20.5.1.1 (string)

status : affected (string)

}

68 : { »

version : 20.6.1 (string)

status : affected (string)

}

69 : { »

version : 20.6.1.1 (string)

status : affected (string)

}

70 : { »

version : 20.6.2.1 (string)

status : affected (string)

}

71 : { »

version : 20.6.2.2 (string)

status : affected (string)

}

72 : { »

version : 20.6.2 (string)

status : affected (string)

}

73 : { »

version : 20.6.3 (string)

status : affected (string)

}

74 : { »

version : 20.6.3.1 (string)

status : affected (string)

}

75 : { »

version : 20.6.1.2 (string)

status : affected (string)

}

76 : { »

version : 20.6.3.2 (string)

status : affected (string)

}

77 : { »

version : 20.6.3.3 (string)

status : affected (string)

}

78 : { »

version : 20.6.3.0.45 (string)

status : affected (string)

}

79 : { »

version : 20.6.3.0.46 (string)

status : affected (string)

}

80 : { »

version : 20.6.3.0.47 (string)

status : affected (string)

}

81 : { »

version : 20.7.1 (string)

status : affected (string)

}

82 : { »

version : 20.7.1.1 (string)

status : affected (string)

}

83 : { »

version : 20.7.2 (string)

status : affected (string)

}

84 : { »

version : 20.8.1 (string)

status : affected (string)

}

85 : { »

version : 20.9.1 (string)

status : affected (string)

}

86 : { »

version : 20.9.2 (string)

status : affected (string)

}

87 : { »

version : 20.9.2.1 (string)

status : affected (string)

}

88 : { »

version : 20.9.3 (string)

status : affected (string)

}

89 : { »

version : 20.9.3.1 (string)

status : affected (string)

}

90 : { »

version : 20.9.2.3 (string)

status : affected (string)

}

91 : { »

version : 20.9.3.0.12 (string)

status : affected (string)

}

92 : { »

version : 20.9.3.0.16 (string)

status : affected (string)

}

93 : { »

version : 20.9.3.0.17 (string)

status : affected (string)

}

94 : { »

version : 20.9.3.0.18 (string)

status : affected (string)

}

95 : { »

version : 20.9.3.0.20 (string)

status : affected (string)

}

96 : { »

version : 20.9.3.0.21 (string)

status : affected (string)

}

97 : { »

version : 20.9.3.0.23 (string)

status : affected (string)

}

98 : { »

version : 20.10.1 (string)

status : affected (string)

}

99 : { »

version : 20.10.1.1 (string)

status : affected (string)

}

]

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z (string)

name : cisco-sa-sdwan-vman-sc-LRLfu2z (string)

}

]

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

baseScore : 7.2 (number)

baseSeverity : HIGH (string)

attackVector : NETWORK (string)

attackComplexity : LOW (string)

privilegesRequired : HIGH (string)

userInteraction : NONE (string)

scope : UNCHANGED (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

availabilityImpact : HIGH (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. (string)

}

]

source : { »

advisory : cisco-sa-sdwan-vman-sc-LRLfu2z (string)

discovery : INTERNAL (string)

defects : [ »

0 : CSCwf68936 (string)

1 : CSCwf55823 (string)

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T09:05:36.889Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z (string)

name : cisco-sa-sdwan-vman-sc-LRLfu2z (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

affected : [ »

0 : { »

vendor : cisco (string)

product : catalyst_sd-wan_manager (string)

cpes : [ »

0 : cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 17.2.10 (string)

status : affected (string)

lessThanOrEqual : 20.9.3.1 (string)

versionType : custom (string)

}

]

}

]

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2023-11-15T16:37:43.965360Z (string)

id : CVE-2023-20254 (string)

options : [ »

0 : { »

Exploitation : None (string)

}

1 : { »

Automatable : No (string)

}

2 : { »

Technical Impact : Total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-23T19:39:16.225Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z", "name": "cisco-sa-sdwan-vman-sc-LRLfu2z", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:36.889Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-20254", "role": "CISA Coordinator", "options": [{"Exploitation": "None"}, {"Automatable": "No"}, {"Technical Impact": "Total"}], "version": "2.0.3", "timestamp": "2023-11-15T16:37:43.965360Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "catalyst_sd-wan_manager", "versions": [{"status": "affected", "version": "17.2.10", "versionType": "custom", "lessThanOrEqual": "20.9.3.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-23T19:25:28.465Z"}}], "cna": {"source": {"defects": ["CSCwf68936", "CSCwf55823"], "advisory": "cisco-sa-sdwan-vman-sc-LRLfu2z", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco SD-WAN vManage", "versions": [{"status": "affected", "version": "17.2.6"}, {"status": "affected", "version": "17.2.7"}, {"status": "affected", "version": "17.2.8"}, {"status": "affected", "version": "17.2.9"}, {"status": "affected", "version": "17.2.10"}, {"status": "affected", "version": "17.2.4"}, {"status": "affected", "version": "17.2.5"}, {"status": "affected", "version": "18.3.1.1"}, {"status": "affected", "version": "18.3.3.1"}, {"status": "affected", "version": "18.3.3"}, {"status": "affected", "version": "18.3.4"}, {"status": "affected", "version": "18.3.5"}, {"status": "affected", "version": "18.3.7"}, {"status": "affected", "version": "18.3.8"}, {"status": "affected", "version": "18.3.6.1"}, {"status": "affected", "version": "18.3.1"}, {"status": "affected", "version": "18.3.0"}, {"status": "affected", "version": "18.4.0.1"}, {"status": "affected", "version": "18.4.3"}, {"status": "affected", "version": "18.4.302"}, {"status": "affected", "version": "18.4.303"}, {"status": "affected", "version": "18.4.4"}, {"status": "affected", "version": "18.4.5"}, {"status": "affected", "version": "18.4.0"}, {"status": "affected", "version": "18.4.1"}, {"status": "affected", "version": "18.4.6"}, {"status": "affected", "version": "19.2.0"}, {"status": "affected", "version": "19.2.097"}, {"status": "affected", "version": "19.2.099"}, {"status": "affected", "version": "19.2.1"}, {"status": "affected", "version": "19.2.2"}, {"status": "affected", "version": "19.2.3"}, {"status": "affected", "version": "19.2.31"}, {"status": "affected", "version": "19.2.929"}, {"status": "affected", "version": "19.2.4"}, {"status": "affected", "version": "20.1.1.1"}, {"status": "affected", "version": "20.1.12"}, {"status": "affected", "version": "20.1.1"}, {"status": "affected", "version": "20.1.2"}, {"status": "affected", "version": "20.1.3"}, {"status": "affected", "version": "19.3.0"}, {"status": "affected", "version": "19.1.0"}, {"status": "affected", "version": "18.2.0"}, {"status": "affected", "version": "20.3.1"}, {"status": "affected", "version": "20.3.2"}, {"status": "affected", "version": "20.3.2.1"}, {"status": "affected", "version": "20.3.3"}, {"status": "affected", "version": "20.3.3.1"}, {"status": "affected", "version": "20.3.4"}, {"status": "affected", "version": "20.3.4.1"}, {"status": "affected", "version": "20.3.4.2"}, {"status": "affected", "version": "20.3.5"}, {"status": "affected", "version": "20.3.6"}, {"status": "affected", "version": "20.3.7"}, {"status": "affected", "version": "20.3.7.1"}, {"status": "affected", "version": "20.3.4.3"}, {"status": "affected", "version": "20.3.5.1"}, {"status": "affected", "version": "20.3.7.2"}, {"status": "affected", "version": "20.4.1"}, {"status": "affected", "version": "20.4.1.1"}, {"status": "affected", "version": "20.4.1.2"}, {"status": "affected", "version": "20.4.2"}, {"status": "affected", "version": "20.4.2.2"}, {"status": "affected", "version": "20.4.2.1"}, {"status": "affected", "version": "20.4.2.3"}, {"status": "affected", "version": "20.5.1"}, {"status": "affected", "version": "20.5.1.2"}, {"status": "affected", "version": "20.5.1.1"}, {"status": "affected", "version": "20.6.1"}, {"status": "affected", "version": "20.6.1.1"}, {"status": "affected", "version": "20.6.2.1"}, {"status": "affected", "version": "20.6.2.2"}, {"status": "affected", "version": "20.6.2"}, {"status": "affected", "version": "20.6.3"}, {"status": "affected", "version": "20.6.3.1"}, {"status": "affected", "version": "20.6.1.2"}, {"status": "affected", "version": "20.6.3.2"}, {"status": "affected", "version": "20.6.3.3"}, {"status": "affected", "version": "20.6.3.0.45"}, {"status": "affected", "version": "20.6.3.0.46"}, {"status": "affected", "version": "20.6.3.0.47"}, {"status": "affected", "version": "20.7.1"}, {"status": "affected", "version": "20.7.1.1"}, {"status": "affected", "version": "20.7.2"}, {"status": "affected", "version": "20.8.1"}, {"status": "affected", "version": "20.9.1"}, {"status": "affected", "version": "20.9.2"}, {"status": "affected", "version": "20.9.2.1"}, {"status": "affected", "version": "20.9.3"}, {"status": "affected", "version": "20.9.3.1"}, {"status": "affected", "version": "20.9.2.3"}, {"status": "affected", "version": "20.9.3.0.12"}, {"status": "affected", "version": "20.9.3.0.16"}, {"status": "affected", "version": "20.9.3.0.17"}, {"status": "affected", "version": "20.9.3.0.18"}, {"status": "affected", "version": "20.9.3.0.20"}, {"status": "affected", "version": "20.9.3.0.21"}, {"status": "affected", "version": "20.9.3.0.23"}, {"status": "affected", "version": "20.10.1"}, {"status": "affected", "version": "20.10.1.1"}]}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z", "name": "cisco-sa-sdwan-vman-sc-LRLfu2z"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled.\r\n\r This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition."}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-01-25T16:58:33.089Z"}}}, "cveMetadata": {"cveId": "CVE-2023-20254", "state": "PUBLISHED", "dateUpdated": "2024-10-23T19:39:16.225Z", "dateReserved": "2022-10-27T18:47:50.372Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2023-09-27T17:11:23.280Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z (string)

name : cisco-sa-sdwan-vman-sc-LRLfu2z (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T09:05:36.889Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-20254 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : None (string)

}

1 : { »

Automatable : No (string)

}

2 : { »

Technical Impact : Total (string)

}

]

version : 2.0.3 (string)

timestamp : 2023-11-15T16:37:43.965360Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* (string)

]

vendor : cisco (string)

product : catalyst_sd-wan_manager (string)

versions : [ »

0 : { »

status : affected (string)

version : 17.2.10 (string)

versionType : custom (string)

lessThanOrEqual : 20.9.3.1 (string)

}

]

defaultStatus : unknown (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-23T19:25:28.465Z (string)

}

]

cna : { »

source : { »

defects : [ »

0 : CSCwf68936 (string)

1 : CSCwf55823 (string)

]

advisory : cisco-sa-sdwan-vman-sc-LRLfu2z (string)

discovery : INTERNAL (string)

}

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 7.2 (number)

attackVector : NETWORK (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : HIGH (string)

confidentialityImpact : HIGH (string)

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco SD-WAN vManage (string)

versions : [ »

0 : { »

status : affected (string)

version : 17.2.6 (string)

}

1 : { »

status : affected (string)

version : 17.2.7 (string)

}

2 : { »

status : affected (string)

version : 17.2.8 (string)

}

3 : { »

status : affected (string)

version : 17.2.9 (string)

}

4 : { »

status : affected (string)

version : 17.2.10 (string)

}

5 : { »

status : affected (string)

version : 17.2.4 (string)

}

6 : { »

status : affected (string)

version : 17.2.5 (string)

}

7 : { »

status : affected (string)

version : 18.3.1.1 (string)

}

8 : { »

status : affected (string)

version : 18.3.3.1 (string)

}

9 : { »

status : affected (string)

version : 18.3.3 (string)

}

10 : { »

status : affected (string)

version : 18.3.4 (string)

}

11 : { »

status : affected (string)

version : 18.3.5 (string)

}

12 : { »

status : affected (string)

version : 18.3.7 (string)

}

13 : { »

status : affected (string)

version : 18.3.8 (string)

}

14 : { »

status : affected (string)

version : 18.3.6.1 (string)

}

15 : { »

status : affected (string)

version : 18.3.1 (string)

}

16 : { »

status : affected (string)

version : 18.3.0 (string)

}

17 : { »

status : affected (string)

version : 18.4.0.1 (string)

}

18 : { »

status : affected (string)

version : 18.4.3 (string)

}

19 : { »

status : affected (string)

version : 18.4.302 (string)

}

20 : { »

status : affected (string)

version : 18.4.303 (string)

}

21 : { »

status : affected (string)

version : 18.4.4 (string)

}

22 : { »

status : affected (string)

version : 18.4.5 (string)

}

23 : { »

status : affected (string)

version : 18.4.0 (string)

}

24 : { »

status : affected (string)

version : 18.4.1 (string)

}

25 : { »

status : affected (string)

version : 18.4.6 (string)

}

26 : { »

status : affected (string)

version : 19.2.0 (string)

}

27 : { »

status : affected (string)

version : 19.2.097 (string)

}

28 : { »

status : affected (string)

version : 19.2.099 (string)

}

29 : { »

status : affected (string)

version : 19.2.1 (string)

}

30 : { »

status : affected (string)

version : 19.2.2 (string)

}

31 : { »

status : affected (string)

version : 19.2.3 (string)

}

32 : { »

status : affected (string)

version : 19.2.31 (string)

}

33 : { »

status : affected (string)

version : 19.2.929 (string)

}

34 : { »

status : affected (string)

version : 19.2.4 (string)

}

35 : { »

status : affected (string)

version : 20.1.1.1 (string)

}

36 : { »

status : affected (string)

version : 20.1.12 (string)

}

37 : { »

status : affected (string)

version : 20.1.1 (string)

}

38 : { »

status : affected (string)

version : 20.1.2 (string)

}

39 : { »

status : affected (string)

version : 20.1.3 (string)

}

40 : { »

status : affected (string)

version : 19.3.0 (string)

}

41 : { »

status : affected (string)

version : 19.1.0 (string)

}

42 : { »

status : affected (string)

version : 18.2.0 (string)

}

43 : { »

status : affected (string)

version : 20.3.1 (string)

}

44 : { »

status : affected (string)

version : 20.3.2 (string)

}

45 : { »

status : affected (string)

version : 20.3.2.1 (string)

}

46 : { »

status : affected (string)

version : 20.3.3 (string)

}

47 : { »

status : affected (string)

version : 20.3.3.1 (string)

}

48 : { »

status : affected (string)

version : 20.3.4 (string)

}

49 : { »

status : affected (string)

version : 20.3.4.1 (string)

}

50 : { »

status : affected (string)

version : 20.3.4.2 (string)

}

51 : { »

status : affected (string)

version : 20.3.5 (string)

}

52 : { »

status : affected (string)

version : 20.3.6 (string)

}

53 : { »

status : affected (string)

version : 20.3.7 (string)

}

54 : { »

status : affected (string)

version : 20.3.7.1 (string)

}

55 : { »

status : affected (string)

version : 20.3.4.3 (string)

}

56 : { »

status : affected (string)

version : 20.3.5.1 (string)

}

57 : { »

status : affected (string)

version : 20.3.7.2 (string)

}

58 : { »

status : affected (string)

version : 20.4.1 (string)

}

59 : { »

status : affected (string)

version : 20.4.1.1 (string)

}

60 : { »

status : affected (string)

version : 20.4.1.2 (string)

}

61 : { »

status : affected (string)

version : 20.4.2 (string)

}

62 : { »

status : affected (string)

version : 20.4.2.2 (string)

}

63 : { »

status : affected (string)

version : 20.4.2.1 (string)

}

64 : { »

status : affected (string)

version : 20.4.2.3 (string)

}

65 : { »

status : affected (string)

version : 20.5.1 (string)

}

66 : { »

status : affected (string)

version : 20.5.1.2 (string)

}

67 : { »

status : affected (string)

version : 20.5.1.1 (string)

}

68 : { »

status : affected (string)

version : 20.6.1 (string)

}

69 : { »

status : affected (string)

version : 20.6.1.1 (string)

}

70 : { »

status : affected (string)

version : 20.6.2.1 (string)

}

71 : { »

status : affected (string)

version : 20.6.2.2 (string)

}

72 : { »

status : affected (string)

version : 20.6.2 (string)

}

73 : { »

status : affected (string)

version : 20.6.3 (string)

}

74 : { »

status : affected (string)

version : 20.6.3.1 (string)

}

75 : { »

status : affected (string)

version : 20.6.1.2 (string)

}

76 : { »

status : affected (string)

version : 20.6.3.2 (string)

}

77 : { »

status : affected (string)

version : 20.6.3.3 (string)

}

78 : { »

status : affected (string)

version : 20.6.3.0.45 (string)

}

79 : { »

status : affected (string)

version : 20.6.3.0.46 (string)

}

80 : { »

status : affected (string)

version : 20.6.3.0.47 (string)

}

81 : { »

status : affected (string)

version : 20.7.1 (string)

}

82 : { »

status : affected (string)

version : 20.7.1.1 (string)

}

83 : { »

status : affected (string)

version : 20.7.2 (string)

}

84 : { »

status : affected (string)

version : 20.8.1 (string)

}

85 : { »

status : affected (string)

version : 20.9.1 (string)

}

86 : { »

status : affected (string)

version : 20.9.2 (string)

}

87 : { »

status : affected (string)

version : 20.9.2.1 (string)

}

88 : { »

status : affected (string)

version : 20.9.3 (string)

}

89 : { »

status : affected (string)

version : 20.9.3.1 (string)

}

90 : { »

status : affected (string)

version : 20.9.2.3 (string)

}

91 : { »

status : affected (string)

version : 20.9.3.0.12 (string)

}

92 : { »

status : affected (string)

version : 20.9.3.0.16 (string)

}

93 : { »

status : affected (string)

version : 20.9.3.0.17 (string)

}

94 : { »

status : affected (string)

version : 20.9.3.0.18 (string)

}

95 : { »

status : affected (string)

version : 20.9.3.0.20 (string)

}

96 : { »

status : affected (string)

version : 20.9.3.0.21 (string)

}

97 : { »

status : affected (string)

version : 20.9.3.0.23 (string)

}

98 : { »

status : affected (string)

version : 20.10.1 (string)

}

99 : { »

status : affected (string)

version : 20.10.1.1 (string)

}

]

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. (string)

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z (string)

name : cisco-sa-sdwan-vman-sc-LRLfu2z (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

}

]

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-01-25T16:58:33.089Z (string)

}

cveMetadata : { »

cveId : CVE-2023-20254 (string)

state : PUBLISHED (string)

dateUpdated : 2024-10-23T19:39:16.225Z (string)

dateReserved : 2022-10-27T18:47:50.372Z (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

datePublished : 2023-09-27T17:11:23.280Z (string)

assignerShortName : cisco (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6BF7AEE-61BF-488D-8439-35B85529DD45", "versionEndExcluding": "20.6.3.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "DFA494E8-5817-49FF-AF87-C1E5CC6A366B", "versionEndExcluding": "20.9.3.2", "versionStartIncluding": "20.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB339115-6B31-4A04-89BC-A053C964CDD4", "versionEndExcluding": "20.10.1.2", "versionStartIncluding": "20.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD884D68-559B-4169-9790-D8C6F694593E", "versionEndExcluding": "20.11.1.2", "versionStartIncluding": "20.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled.\r\n\r This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition."}, {"lang": "es", "value": "Una vulnerabilidad en el sistema de gesti\u00f3n de sesiones de la funci\u00f3n multiinquilino de Cisco Catalyst SD-WAN Manager podr\u00eda permitir que un atacante remoto autenticado acceda a otro tenant que est\u00e1 siendo administrado por la misma instancia de Cisco Catalyst SD-WAN Manager. Esta vulnerabilidad requiere que est\u00e9 habilitada la funci\u00f3n multi-tenant. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de la sesi\u00f3n de usuario dentro del sistema Cisco Catalyst SD-WAN Manager. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada a un sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante obtener acceso no autorizado a informaci\u00f3n sobre otro tenant, realizar cambios en la configuraci\u00f3n o posiblemente desconectar a un tenant, provocando una condici\u00f3n de denegaci\u00f3n de servicio."}], "id": "CVE-2023-20254", "lastModified": "2024-11-21T07:41:00.253", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-27T18:15:11.690", "references": [{"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E6BF7AEE-61BF-488D-8439-35B85529DD45 (string)

versionEndExcluding : 20.6.3.4 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DFA494E8-5817-49FF-AF87-C1E5CC6A366B (string)

versionEndExcluding : 20.9.3.2 (string)

versionStartIncluding : 20.7 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DB339115-6B31-4A04-89BC-A053C964CDD4 (string)

versionEndExcluding : 20.10.1.2 (string)

versionStartIncluding : 20.10 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FD884D68-559B-4169-9790-D8C6F694593E (string)

versionEndExcluding : 20.11.1.2 (string)

versionStartIncluding : 20.11 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad en el sistema de gestión de sesiones de la función multiinquilino de Cisco Catalyst SD-WAN Manager podría permitir que un atacante remoto autenticado acceda a otro tenant que está siendo administrado por la misma instancia de Cisco Catalyst SD-WAN Manager. Esta vulnerabilidad requiere que esté habilitada la función multi-tenant. Esta vulnerabilidad se debe a una gestión insuficiente de la sesión de usuario dentro del sistema Cisco Catalyst SD-WAN Manager. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud manipulada a un sistema afectado. Un exploit exitoso podría permitir al atacante obtener acceso no autorizado a información sobre otro tenant, realizar cambios en la configuración o posiblemente desconectar a un tenant, provocando una condición de denegación de servicio. (string)

}

]

id : CVE-2023-20254 (string)

lastModified : 2024-11-21T07:41:00.253 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.2 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.2 (number)

impactScore : 5.9 (number)

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 8.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2023-09-27T18:15:11.690 (string)

references : [ »

0 : { »

source : ykramarz@cisco.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z (string)

}

]

sourceIdentifier : ykramarz@cisco.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-732 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation None

Automatable No

Technical Impact Total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object