Cisco SD-WAN vManage REST API Auth Bypass: Unauthorized Config Access
CVE-2023-20214 Published on August 3, 2023
A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance. This vulnerability is due to insufficient request validation when using the REST API feature. An attacker could exploit this vulnerability by sending a crafted API request to an affected vManage instance. A successful exploit could allow the attacker to retrieve information from and send information to the configuration of the affected Cisco vManage instance. This vulnerability only affects the REST API and does not affect the web-based management interface or the CLI.
Vulnerability Analysis
CVE-2023-20214 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.
Weakness Type
What is an authentification Vulnerability?
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
CVE-2023-20214 has been classified to as an authentification vulnerability or weakness.
Products Associated with CVE-2023-20214
stack.watch emails you whenever new vulnerabilities are published in Cisco Sd Wan Vmanage or Cisco Catalyst Sd Wan Manager. Just hit a watch button to start following.
Affected Versions
Cisco SD-WAN vManage:- Version 20.6.4 is affected.
- Version 20.6.5 is affected.
- Version 20.6.5.1 is affected.
- Version 20.6.4.1 is affected.
- Version 20.6.5.2 is affected.
- Version 20.6.5.4 is affected.
- Version 20.6.3.3 is affected.
- Version 20.6.4.0.21 is affected.
- Version 20.6.5.1.10 is affected.
- Version 20.6.5.1.11 is affected.
- Version 20.6.5.1.7 is affected.
- Version 20.6.5.1.9 is affected.
- Version 20.6.5.2.4 is affected.
- Version 20.6.5.2.8 is affected.
- Version 20.6.5.1.13 is affected.
- Version 20.7.1 is affected.
- Version 20.7.1.1 is affected.
- Version 20.7.2 is affected.
- Version 20.8.1 is affected.
- Version 20.9.1 is affected.
- Version 20.9.2 is affected.
- Version 20.9.2.1 is affected.
- Version 20.9.3 is affected.
- Version 20.9.3.1 is affected.
- Version 20.9.2.3 is affected.
- Version 20.9.3.0.12 is affected.
- Version 20.9.3.0.16 is affected.
- Version 20.9.3.0.17 is affected.
- Version 20.9.3.0.18 is affected.
- Version 20.9.3.0.20 is affected.
- Version 20.9.3.0.21 is affected.
- Version 20.9.3.0.23 is affected.
- Version 20.10.1 is affected.
- Version 20.10.1.1 is affected.
- Version 20.11.1 is affected.
- Version 20.11.1.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.