Vulnslist


Cisco SD-WAN vManage Unauthenticated REST API Access Vulnerability

cisco-sa-vmanage-unauthapi-sphCLYPA · Critical · Published · Updated

A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance. This vulnerability is due to insufficient request validation when using the REST API feature. An attacker could exploit this vulnerability by sending a crafted API request to an affected vManage instance. A successful exploit could allow the attacker to retrieve information from and send information to the configuration of the affected Cisco vManage instance. This vulnerability only affects the REST API and does not affect the web-based management interface or the CLI. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-unauthapi-sphCLYPA

Workarounds

There are no workarounds that address this vulnerability. However, to mitigate this vulnerability and significantly reduce the attack surface, network administrators should enable access control lists (ACLs) to limit access to the vManage instance.

In cloud hosted deployments, access to vManage is limited by ACLs that contain permitted IP addresses. Network administrators should review and edit the permitted IP addresses in the ACLs. In on-premises deployments, vManage access can be limited in a similar way by using ACLs and configuring permitted IP addresses.

While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.
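The mitigation above depends entirely on how the permitted-IP list is written: Cisco IOS-style access lists are evaluated top down, the first matching entry wins, and anything that matches no entry is dropped by the implicit deny at the end. The following Python script is an added example, not Cisco's configuration syntax or anything from the advisory. It models a small allowlist with those semantics, checks it for shadowed entries (a later entry that can never match because an earlier one already covers its prefix), and applies it to a handful of constructed REST API access records. The prefixes, the source addresses and the /dataservice/ path prefix are assumptions made for this example.

```python
import ipaddress

# Constructed allowlist in the style of an IOS ACL: ordered entries, first
# match wins, and anything that matches no entry is denied (implicit deny).
# The prefixes are assumptions for this example, not a real deployment.
MGMT_ACL = [
    ("permit", "10.20.0.0/24"),     # assumed NOC management subnet
    ("deny", "10.20.0.250/32"),     # meant to block one host; see shadowed_entries()
    ("permit", "203.0.113.10/32"),  # assumed jump host (RFC 5737 documentation range)
]

# Constructed REST API access records (source IP, method, path). The
# /dataservice/ prefix is assumed here as the vManage REST API base path.
REQUESTS = [
    ("10.20.0.15", "GET", "/dataservice/device"),
    ("10.20.0.250", "PUT", "/dataservice/template/device/config/attachfeature"),
    ("203.0.113.10", "GET", "/dataservice/client/server"),
    ("198.51.100.7", "GET", "/dataservice/device"),
    ("2001:db8::1", "GET", "/dataservice/device"),
]


def evaluate(acl, source_ip):
    """Return (action, matching entry number) for source_ip, or
    ("deny", None) when nothing matched: the implicit deny at the end."""
    addr = ipaddress.ip_address(source_ip)
    for n, (action, prefix) in enumerate(acl, start=1):
        net = ipaddress.ip_network(prefix)
        if net.version == addr.version and addr in net:
            return action, n
    return "deny", None


def shadowed_entries(acl):
    """Entry numbers that can never match because an earlier entry already
    covers their whole prefix. A shadowed deny is the classic way an ACL
    silently permits more than the administrator believes it does."""
    shadowed = []
    nets = [ipaddress.ip_network(p) for _, p in acl]
    for j, later in enumerate(nets):
        for earlier in nets[:j]:
            if earlier.version == later.version and later.subnet_of(earlier):
                shadowed.append(j + 1)
                break
    return shadowed


def audit(acl, requests):
    """Apply the ACL to each request and return
    (source_ip, method, path, action, entry) tuples."""
    return [(src, method, path) + evaluate(acl, src)
            for src, method, path in requests]


def reachable_sources(acl, requests):
    """Distinct source addresses the ACL would let through to the REST API."""
    return sorted({src for src, _, _, action, _ in audit(acl, requests)
                   if action == "permit"})


if __name__ == "__main__":
    for row in audit(MGMT_ACL, REQUESTS):
        print(row)
    print("shadowed entries:", shadowed_entries(MGMT_ACL))
```

Running it shows the point the advisory's caveat is making: the deny for 10.20.0.250 is shadowed by the /24 permit above it, so that host still reaches the API, while the IPv6 source and the unlisted 198.51.100.7 fall through to the implicit deny. Check the real ACL the same way after editing the permitted addresses, since an allowlist that does not actually block the unwanted sources leaves the unauthenticated REST API exposed until the fixed release is installed.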

CVEs: CVE-2023-20214
Cisco Bug IDs: CSCwf76218, CSCwf82344
CVSS Score: Base 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco SD-WAN vManage, Cisco Catalyst SD-WAN Manager

Related Products

Product                        CVE             Evidence
Cisco SD-WAN vManage           CVE-2023-20214  Cisco OpenVuln
Cisco Catalyst SD-WAN Manager  CVE-2023-20214  Cisco OpenVuln
Cisco Catalyst SD-WAN          CVE-2023-20214  Cisco OpenVuln