{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20475", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.681Z", "datePublished": "2024-09-25T16:19:47.236Z", "dateUpdated": "2024-09-25T18:35:41.286Z"}, "containers": {"cna": {"title": "Cisco SD-WAN vManage Cross-Site Scripting Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd", "name": "cisco-sa-sdwan-xss-zQ4KPvYd"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-sdwan-xss-zQ4KPvYd", "discovery": "EXTERNAL", "defects": ["CSCwk43942"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "cwe", "cweId": "CWE-79"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Catalyst SD-WAN Manager", "versions": [{"version": "20.6.1", "status": "affected"}, {"version": "20.6.1.1", "status": "affected"}, {"version": "20.6.0.18.3", "status": "affected"}, {"version": "20.6.0.18.4", "status": "affected"}, {"version": "20.6.1.0.1", "status": "affected"}, {"version": "20.6.2", "status": "affected"}, {"version": "20.7.1EFT2", "status": "affected"}, {"version": "20.7.1", "status": "affected"}, {"version": "20.6.2.1", "status": "affected"}, {"version": "20.6.2.2", "status": "affected"}, {"version": "20.7.1.1", "status": "affected"}, {"version": "20.6.2.2.2", "status": "affected"}, {"version": "20.6.2.2.3", "status": "affected"}, {"version": "20.6.2.0.4", "status": "affected"}, {"version": "20.6.2.2.7", "status": "affected"}, {"version": "20.6.3", "status": "affected"}, {"version": "20.7.1.0.2", "status": "affected"}, {"version": "20.8.1", "status": "affected"}, {"version": "20.6.3.0.7", "status": "affected"}, {"version": "20.6.3.0.5", "status": "affected"}, {"version": "20.6.3.0.10", "status": "affected"}, {"version": "20.6.3.0.2", "status": "affected"}, {"version": "20.7.2", "status": "affected"}, {"version": "20.6.3.0.11", "status": "affected"}, {"version": "20.6.3.0.14", "status": "affected"}, {"version": "20.6.3.0.19", "status": "affected"}, {"version": "20.6.3.0.18", "status": "affected"}, {"version": "20.6.3.0.23", "status": "affected"}, {"version": "20.6.3.0.25", "status": "affected"}, {"version": "20.6.3.0.27", "status": "affected"}, {"version": "20.6.3.0.29", "status": "affected"}, {"version": "20.10.1", "status": "affected"}, {"version": "20.6.3.0.33", "status": "affected"}, {"version": "20.9.1_LI_Images", "status": "affected"}, {"version": "20.10.1_LI_Images", "status": "affected"}, {"version": "20.9.3", "status": "affected"}, {"version": "20.6.5.1", "status": "affected"}, {"version": "20.11.1", "status": "affected"}, {"version": "20.11.1_LI_Images", "status": "affected"}, {"version": "20.9.3_LI_ Images", "status": "affected"}, {"version": "20.6.3.1.1", "status": "affected"}, {"version": "20.9.3.0.3", "status": "affected"}, {"version": "20.6.3.2", "status": "affected"}, {"version": "20.6.4.1", "status": "affected"}, {"version": "20.6.3.0.39", "status": "affected"}, {"version": "20.6.5.2", "status": "affected"}, {"version": "20.10.1.1", "status": "affected"}, {"version": "20.6.2.2.4", "status": "affected"}, {"version": "20.6.1.2", "status": "affected"}, {"version": "20.11.1.1", "status": "affected"}, {"version": "20.6.3.0.40", "status": "affected"}, {"version": "20.9.2.2", "status": "affected"}, {"version": "20.6.5.2.3", "status": "affected"}, {"version": "20.6.5.1.5", "status": "affected"}, {"version": "20.9.3.0.4", "status": "affected"}, {"version": "20.6.4.0.19", "status": "affected"}, {"version": "20.6.3.3", "status": "affected"}, {"version": "20.6.5.4", "status": "affected"}, {"version": "20.6.5.1.7", "status": "affected"}, {"version": "20.9.3.0.12", "status": "affected"}, {"version": "20.11.1.2", "status": "affected"}, {"version": "20.6.3.4", "status": "affected"}, {"version": "20.10.1.2", "status": "affected"}, {"version": "20.6.5.1.10", "status": "affected"}, {"version": "20.6.5.2.4", "status": "affected"}, {"version": "20.9.3.0.18", "status": "affected"}, {"version": "20.6.3.0.47", "status": "affected"}, {"version": "20.9.2.3", "status": "affected"}, {"version": "20.9.3.0.21", "status": "affected"}, {"version": "20.9.4_LI_Images", "status": "affected"}, {"version": "20.9.4", "status": "affected"}, {"version": "20.6.5.1.11", "status": "affected"}, {"version": "20.12.1", "status": "affected"}, {"version": "20.12.1_LI_Images", "status": "affected"}, {"version": "20.9.3.0.23", "status": "affected"}, {"version": "20.9.4.1", "status": "affected"}, {"version": "20.9.4.1_LI_Images", "status": "affected"}, {"version": "20.9.3.0.25", "status": "affected"}, {"version": "20.9.3.0.24", "status": "affected"}, {"version": "20.6.5.1.14", "status": "affected"}, {"version": "20.9.3.0.26", "status": "affected"}, {"version": "20.6.3.0.51", "status": "affected"}, {"version": "20.12.2", "status": "affected"}, {"version": "20.12.2_LI_Images", "status": "affected"}, {"version": "20.6.6.0.1", "status": "affected"}, {"version": "20.13.1_LI_Images", "status": "affected"}, {"version": "20.9.4.0.4", "status": "affected"}, {"version": "20.13.1", "status": "affected"}, {"version": "20.9.4.1.1", "status": "affected"}, {"version": "20.9.5", "status": "affected"}, {"version": "20.9.5_LI_Images", "status": "affected"}, {"version": "20.12.3_LI_Images", "status": "affected"}, {"version": "20.12.3", "status": "affected"}, {"version": "20.9.4.1.3", "status": "affected"}, {"version": "20.6.7", "status": "affected"}, {"version": "20.9.5.1", "status": "affected"}, {"version": "20.9.5.1_LI_Images", "status": "affected"}, {"version": "20.14.1", "status": "affected"}, {"version": "20.14.1_LI_Images", "status": "affected"}, {"version": "20.9.5.2_LI_Images", "status": "affected"}, {"version": "20.12.3.1", "status": "affected"}, {"version": "20.12.4", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-09-25T16:19:47.236Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-25T18:35:31.732359Z", "id": "CVE-2024-20475", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T18:35:41.286Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20475", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-25T18:35:31.732359Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T18:35:37.630Z"}}], "cna": {"title": "Cisco SD-WAN vManage Cross-Site Scripting Vulnerability", "source": {"defects": ["CSCwk43942"], "advisory": "cisco-sa-sdwan-xss-zQ4KPvYd", "discovery": "EXTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Catalyst SD-WAN Manager", "versions": [{"status": "affected", "version": "20.6.1"}, {"status": "affected", "version": "20.6.1.1"}, {"status": "affected", "version": "20.6.0.18.3"}, {"status": "affected", "version": "20.6.0.18.4"}, {"status": "affected", "version": "20.6.1.0.1"}, {"status": "affected", "version": "20.6.2"}, {"status": "affected", "version": "20.7.1EFT2"}, {"status": "affected", "version": "20.7.1"}, {"status": "affected", "version": "20.6.2.1"}, {"status": "affected", "version": "20.6.2.2"}, {"status": "affected", "version": "20.7.1.1"}, {"status": "affected", "version": "20.6.2.2.2"}, {"status": "affected", "version": "20.6.2.2.3"}, {"status": "affected", "version": "20.6.2.0.4"}, {"status": "affected", "version": "20.6.2.2.7"}, {"status": "affected", "version": "20.6.3"}, {"status": "affected", "version": "20.7.1.0.2"}, {"status": "affected", "version": "20.8.1"}, {"status": "affected", "version": "20.6.3.0.7"}, {"status": "affected", "version": "20.6.3.0.5"}, {"status": "affected", "version": "20.6.3.0.10"}, {"status": "affected", "version": "20.6.3.0.2"}, {"status": "affected", "version": "20.7.2"}, {"status": "affected", "version": "20.6.3.0.11"}, {"status": "affected", "version": "20.6.3.0.14"}, {"status": "affected", "version": "20.6.3.0.19"}, {"status": "affected", "version": "20.6.3.0.18"}, {"status": "affected", "version": "20.6.3.0.23"}, {"status": "affected", "version": "20.6.3.0.25"}, {"status": "affected", "version": "20.6.3.0.27"}, {"status": "affected", "version": "20.6.3.0.29"}, {"status": "affected", "version": "20.10.1"}, {"status": "affected", "version": "20.6.3.0.33"}, {"status": "affected", "version": "20.9.1_LI_Images"}, {"status": "affected", "version": "20.10.1_LI_Images"}, {"status": "affected", "version": "20.9.3"}, {"status": "affected", "version": "20.6.5.1"}, {"status": "affected", "version": "20.11.1"}, {"status": "affected", "version": "20.11.1_LI_Images"}, {"status": "affected", "version": "20.9.3_LI_ Images"}, {"status": "affected", "version": "20.6.3.1.1"}, {"status": "affected", "version": "20.9.3.0.3"}, {"status": "affected", "version": "20.6.3.2"}, {"status": "affected", "version": "20.6.4.1"}, {"status": "affected", "version": "20.6.3.0.39"}, {"status": "affected", "version": "20.6.5.2"}, {"status": "affected", "version": "20.10.1.1"}, {"status": "affected", "version": "20.6.2.2.4"}, {"status": "affected", "version": "20.6.1.2"}, {"status": "affected", "version": "20.11.1.1"}, {"status": "affected", "version": "20.6.3.0.40"}, {"status": "affected", "version": "20.9.2.2"}, {"status": "affected", "version": "20.6.5.2.3"}, {"status": "affected", "version": "20.6.5.1.5"}, {"status": "affected", "version": "20.9.3.0.4"}, {"status": "affected", "version": "20.6.4.0.19"}, {"status": "affected", "version": "20.6.3.3"}, {"status": "affected", "version": "20.6.5.4"}, {"status": "affected", "version": "20.6.5.1.7"}, {"status": "affected", "version": "20.9.3.0.12"}, {"status": "affected", "version": "20.11.1.2"}, {"status": "affected", "version": "20.6.3.4"}, {"status": "affected", "version": "20.10.1.2"}, {"status": "affected", "version": "20.6.5.1.10"}, {"status": "affected", "version": "20.6.5.2.4"}, {"status": "affected", "version": "20.9.3.0.18"}, {"status": "affected", "version": "20.6.3.0.47"}, {"status": "affected", "version": "20.9.2.3"}, {"status": "affected", "version": "20.9.3.0.21"}, {"status": "affected", "version": "20.9.4_LI_Images"}, {"status": "affected", "version": "20.9.4"}, {"status": "affected", "version": "20.6.5.1.11"}, {"status": "affected", "version": "20.12.1"}, {"status": "affected", "version": "20.12.1_LI_Images"}, {"status": "affected", "version": "20.9.3.0.23"}, {"status": "affected", "version": "20.9.4.1"}, {"status": "affected", "version": "20.9.4.1_LI_Images"}, {"status": "affected", "version": "20.9.3.0.25"}, {"status": "affected", "version": "20.9.3.0.24"}, {"status": "affected", "version": "20.6.5.1.14"}, {"status": "affected", "version": "20.9.3.0.26"}, {"status": "affected", "version": "20.6.3.0.51"}, {"status": "affected", "version": "20.12.2"}, {"status": "affected", "version": "20.12.2_LI_Images"}, {"status": "affected", "version": "20.6.6.0.1"}, {"status": "affected", "version": "20.13.1_LI_Images"}, {"status": "affected", "version": "20.9.4.0.4"}, {"status": "affected", "version": "20.13.1"}, {"status": "affected", "version": "20.9.4.1.1"}, {"status": "affected", "version": "20.9.5"}, {"status": "affected", "version": "20.9.5_LI_Images"}, {"status": "affected", "version": "20.12.3_LI_Images"}, {"status": "affected", "version": "20.12.3"}, {"status": "affected", "version": "20.9.4.1.3"}, {"status": "affected", "version": "20.6.7"}, {"status": "affected", "version": "20.9.5.1"}, {"status": "affected", "version": "20.9.5.1_LI_Images"}, {"status": "affected", "version": "20.14.1"}, {"status": "affected", "version": "20.14.1_LI_Images"}, {"status": "affected", "version": "20.9.5.2_LI_Images"}, {"status": "affected", "version": "20.12.3.1"}, {"status": "affected", "version": "20.12.4"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd", "name": "cisco-sa-sdwan-xss-zQ4KPvYd"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-09-25T16:19:47.236Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20475", "state": "PUBLISHED", "dateUpdated": "2024-09-25T18:35:41.286Z", "dateReserved": "2023-11-08T15:08:07.681Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-09-25T16:19:47.236Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.0.18.3:*:*:*:*:*:*:*", "matchCriteriaId": "FBF6213C-D6E2-4E61-8D47-2A5021F63DB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.0.18.4:*:*:*:*:*:*:*", "matchCriteriaId": "68B867D3-B112-4D31-B670-4D65C729C994", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "4683477E-D6BB-4369-AFC2-782FD8F3F28B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EAD8502A-A5F5-4A4B-832A-805553FAE2FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2AA663C-B4CB-4804-A0A3-34673266D9D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "672F8B07-AC0A-429D-A9CF-5A95EB495A24", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "4DE2B3AF-B15C-460E-B5E7-787AD499E1DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "990EC5AF-AA5B-418C-B76E-E5021D454231", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8A584DA-1488-466D-AF16-95C254179ABC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "8D93607A-99AE-4DC1-9314-5425C2A335FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "343E8AB9-46E6-4911-B633-5A8263935468", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E0EF7247-C1BB-463D-AA66-BEA7018CC9C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "A1F9245C-4E06-4828-97B7-8C870E96846B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.2.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "8F5D0F37-2171-4DD4-A982-51172211516A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5F1CA43-C924-4419-91DB-F24D450CF630", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "407DA2A5-CA7E-49E7-B5DD-6ADD41FF067B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A759A715-6341-4457-8A0C-04E928A3D14F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "0D9280A1-C000-4752-A489-461918105296", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "E45D2835-426F-40CF-9643-762FC1500F84", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "C49D6858-9454-4D57-AC14-3A0D0033E79D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "948A5441-C98F-4AA9-9483-5FC9753A8823", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "603C1F0B-4A9F-478C-9FBA-D1D10FA1E52A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "D6B0F5A1-973E-48DD-A409-A90B1429A2DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "EC46201F-4091-4DF0-9B43-66D6D599E007", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "9FFA69FD-7DDE-4ADE-909A-CD2DACB60C1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "3BB74248-263D-4611-BA47-7AB6D36F5EE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "0D12FB89-D6F2-4F33-95A6-976FA4F30811", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "298785F7-9E64-47DB-BC86-D18D63B99435", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.39:*:*:*:*:*:*:*", "matchCriteriaId": "2F08FFEE-B778-468D-B840-63DDE5087DB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.40:*:*:*:*:*:*:*", "matchCriteriaId": "C7137CC4-30B3-48ED-B45D-81EF05542002", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.47:*:*:*:*:*:*:*", "matchCriteriaId": "4366495B-9D70-416A-A033-1379C24A690A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.0.51:*:*:*:*:*:*:*", "matchCriteriaId": "9928E331-E793-48E9-8A48-739A0F4A3961", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C05315A5-079E-4041-B45E-447D2D9EAB15", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "329E2793-6824-48E9-8878-5D17E4B97358", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4628A095-15DD-4307-ADAE-08C10D9008C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "41084A4F-B8DA-4D33-820D-0992CD03C1ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.4.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "8504DC6D-4E14-48DB-AED7-24C9A997B5F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "9AD78F8C-B1D3-49ED-8017-2E906C332D82", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "685C7CB4-9536-4112-B08D-25B7C026521F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "9AEE6009-EECB-4014-AC7B-38C34D4C9E56", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "E84754C7-6517-4E68-A1FB-A49E9B1AB001", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "47CEC7FB-2AFD-4520-B0D2-BC453CFED93F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "A4878A80-9403-44EA-95E8-B5A550867DFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "6FA86640-08A7-4759-B1B1-954DF3E208E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "55B99428-019F-4AE8-AEE6-91E52AE62AD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "993D9858-BD9C-427B-80AC-DEF5934FE85D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "6DC1BC44-F0A7-4C51-88FE-014BBFEDCFD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "F6F38AB7-00C9-4AFF-B254-9EE5CE29C21B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "85BEA8A6-DDAD-4E83-AF84-6D18D506C924", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "234900C1-F011-457A-A933-08BA1B8654B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "60381079-AC03-4C94-BF09-9EF5E43F56F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F21D1E12-3640-4FFD-A01D-2F6E6A097DBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F757354E-EB7A-4935-BC46-EF8E9D887DD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.1eft2:*:*:*:*:*:*:*", "matchCriteriaId": "267780C2-149B-4542-B895-7E44B6F68D8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "14ECDDBB-E446-410D-AB70-684A89B17BDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "7D13F4E8-362D-4491-9E4A-5EEF30A78B97", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.1_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "82401FE6-1281-4435-9ED6-D292FEEA73E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "4C6B0B7D-EDF1-4E87-916B-AA1B8E7E0F3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "55E311E9-A655-4C64-BC88-252D09BE4858", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "52FF858A-A529-48D5-8CFA-8D4BF87E8BA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A2A0DD4A-7931-4EEF-998D-DE551E0E3278", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B5023468-11B6-430C-BE6B-2837046F3B32", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "392C5D43-6025-494F-AF09-C2ACD8C48C43", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "5BD3364B-DE56-40A0-AB79-B9CA441EC0FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "688D2E63-8C3D-4D16-BD1E-E17BDBDB20E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "B075508D-832F-44E7-A330-084816F37D8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "45A1497A-3415-46C0-B39E-F73D38701140", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "E669644C-2825-46FC-9E45-150048999897", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "ED327457-43A3-43E1-87EC-0CEAFE75121B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.3_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "47559234-5E24-4565-AC81-E0AFE106AA59", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "A35AF0B6-61BF-4AA6-A4C0-66F81D72B640", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E058C6B6-9207-4DB5-89FC-20141050279E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "BAADB556-17D4-4E94-9454-5BFB201003CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "1DE80AF6-2777-4444-8AF5-BE1230711A67", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "8848E7F7-F346-4340-9CE6-683CE29FE1D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.4.1_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "0CBDA9C9-592B-4027-93FA-7773F4CD836B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.4_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "080C5446-3B34-4B28-AA9A-EE71E08B12EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "345941B4-4BA6-4893-B224-AF99399FD6AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "07C2D295-3147-49A5-8807-5792AFA59069", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.5.1_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "5C15FED9-8A8F-4041-B79A-A56E022694F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.5.2_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "53674B92-E0D7-41B2-A7F4-F452AF10E914", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9.5_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "87CF91F3-5D83-4C20-916F-AEBF1653F718", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBADEC84-F1C6-4C24-A74E-5B75575D83E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDDA344B-65CE-459F-AD8D-5A79207CC5AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.10.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E4AB7793-07C0-4A8E-8288-176D90E4D880", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.10.1_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "DC54D0AB-0F66-406C-A8F2-3B2339346AE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "3FC02CEE-16C2-4D61-894B-F593C61490D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.11.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2A77297-F63B-4E08-B93F-6382F554E7CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.11.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D75FD0B3-1C01-4304-AFF1-0DE10783D6E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.11.1_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "D120396B-D2A8-4F4F-AF71-8AB09D752491", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "C25F01CA-6B44-44DF-A83C-B29EE24B2F39", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.1_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "015D811E-B457-40A9-B984-3E17A928A9B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "174DA696-D43A-4216-82D0-DC5D839FA22D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.2_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "B370BBD3-2910-4D5C-A761-B817CEAC3562", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "A51663EC-90C6-43EA-A219-85A5BE535E30", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD628D28-E9B2-4779-8D8C-4A7DE0751EB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.3_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "9743F49B-96BA-4943-AB44-E2A670F881D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "FBB4BACD-1EF8-46E6-8D82-158C2BBAB189", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "71AA7093-F41E-4CA3-9F1A-DB754575EA2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.13.1_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "411833B3-DC34-4F7E-847B-1DC3ABF0729E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "55940746-03A2-46E4-A76D-6C6483A983EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.14.1_li_images:*:*:*:*:*:*:*", "matchCriteriaId": "90190257-908F-44F9-AF0E-0928ACBD79B1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Catalyst SD-WAN Manager, anteriormente Cisco SD-WAN vManage, podr\u00eda permitir que un atacante remoto autenticado realice un ataque de Cross Site Scripting (XSS) contra un usuario de la interfaz. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando datos maliciosos en un campo de datos espec\u00edfico en una interfaz afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada."}], "id": "CVE-2024-20475", "lastModified": "2024-10-03T17:49:17.797", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2024-09-25T17:15:17.587", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}

{}