CVE-2026-20210
MediumCVSS 5.4Exploitation Probability (EPSS)
Low risk9th percentile - higher than 9% of all known CVEs
Summary
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) allows an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions. The issue is due to a failure to redact sensitive information within device configurations and templates.
Risk Assessment
An attacker can escalate their read-only permissions to those of a high-privileged user, enabling unauthorized access or modification of configuration settings, potentially compromising system integrity and confidentiality.
Recommendation
It is recommended to immediately apply patches provided by Cisco and restrict web UI access to trusted users only. Review and update permission management policies as well.
Original NVD description (English source)
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This vulnerability exists because of a failure to redact sensitive information within device configurations and templates. An attacker could exploit this vulnerability by elevating their read-only permissions to those of a high-privileged user. A successful exploit could allow the attacker to access or modify configuration settings within Cisco Catalyst SD-WAN Manager as a high-privileged user.

