Cisco SD-WAN Manager Multi-Tenant Session Management Bypass
CVE-2023-20254 Published on September 27, 2023

Vulnerability Analysis

Products Associated with CVE-2023-20254

stack.watch emails you whenever new vulnerabilities are published in Cisco Sd Wan Manager or Cisco Catalyst Sd Wan Manager. Just hit a watch button to start following.

Affected Versions

Cisco SD-WAN vManage:

• Version 17.2.6 is affected.
• Version 17.2.7 is affected.
• Version 17.2.8 is affected.
• Version 17.2.9 is affected.
• Version 17.2.10 is affected.
• Version 17.2.4 is affected.
• Version 17.2.5 is affected.
• Version 18.3.1.1 is affected.
• Version 18.3.3.1 is affected.
• Version 18.3.3 is affected.
• Version 18.3.4 is affected.
• Version 18.3.5 is affected.
• Version 18.3.7 is affected.
• Version 18.3.8 is affected.
• Version 18.3.6.1 is affected.
• Version 18.3.1 is affected.
• Version 18.3.0 is affected.
• Version 18.4.0.1 is affected.
• Version 18.4.3 is affected.
• Version 18.4.302 is affected.
• Version 18.4.303 is affected.
• Version 18.4.4 is affected.
• Version 18.4.5 is affected.
• Version 18.4.0 is affected.
• Version 18.4.1 is affected.
• Version 18.4.6 is affected.
• Version 19.2.0 is affected.
• Version 19.2.097 is affected.
• Version 19.2.099 is affected.
• Version 19.2.1 is affected.
• Version 19.2.2 is affected.
• Version 19.2.3 is affected.
• Version 19.2.31 is affected.
• Version 19.2.929 is affected.
• Version 19.2.4 is affected.
• Version 20.1.1.1 is affected.
• Version 20.1.12 is affected.
• Version 20.1.1 is affected.
• Version 20.1.2 is affected.
• Version 20.1.3 is affected.
• Version 19.3.0 is affected.
• Version 19.1.0 is affected.
• Version 18.2.0 is affected.
• Version 20.3.1 is affected.
• Version 20.3.2 is affected.
• Version 20.3.2.1 is affected.
• Version 20.3.3 is affected.
• Version 20.3.3.1 is affected.
• Version 20.3.4 is affected.
• Version 20.3.4.1 is affected.
• Version 20.3.4.2 is affected.
• Version 20.3.5 is affected.
• Version 20.3.6 is affected.
• Version 20.3.7 is affected.
• Version 20.3.7.1 is affected.
• Version 20.3.4.3 is affected.
• Version 20.3.5.1 is affected.
• Version 20.3.7.2 is affected.
• Version 20.4.1 is affected.
• Version 20.4.1.1 is affected.
• Version 20.4.1.2 is affected.
• Version 20.4.2 is affected.
• Version 20.4.2.2 is affected.
• Version 20.4.2.1 is affected.
• Version 20.4.2.3 is affected.
• Version 20.5.1 is affected.
• Version 20.5.1.2 is affected.
• Version 20.5.1.1 is affected.
• Version 20.6.1 is affected.
• Version 20.6.1.1 is affected.
• Version 20.6.2.1 is affected.
• Version 20.6.2.2 is affected.
• Version 20.6.2 is affected.
• Version 20.6.3 is affected.
• Version 20.6.3.1 is affected.
• Version 20.6.1.2 is affected.
• Version 20.6.3.2 is affected.
• Version 20.6.3.3 is affected.
• Version 20.6.3.0.45 is affected.
• Version 20.6.3.0.46 is affected.
• Version 20.6.3.0.47 is affected.
• Version 20.7.1 is affected.
• Version 20.7.1.1 is affected.
• Version 20.7.2 is affected.
• Version 20.8.1 is affected.
• Version 20.9.1 is affected.
• Version 20.9.2 is affected.
• Version 20.9.2.1 is affected.
• Version 20.9.3 is affected.
• Version 20.9.3.1 is affected.
• Version 20.9.2.3 is affected.
• Version 20.9.3.0.12 is affected.
• Version 20.9.3.0.16 is affected.
• Version 20.9.3.0.17 is affected.
• Version 20.9.3.0.18 is affected.
• Version 20.9.3.0.20 is affected.
• Version 20.9.3.0.21 is affected.
• Version 20.9.3.0.23 is affected.
• Version 20.10.1 is affected.
• Version 20.10.1.1 is affected.

cisco catalyst_sd-wan_manager:

• Version 17.2.10, <= 20.9.3.1 is affected.

Exploit Probability