CVE-2026-20210

Published: Mag 14, 2026 Last Modified: Mag 14, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,4
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: none

Description

AI Translation Available

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system.

This vulnerability exists because of a failure to redact sensitive information within device configurations and templates. An attacker could exploit this vulnerability by elevating their read-only permissions to those of a high-privileged user. A successful exploit could allow the attacker to access or modify configuration settings within Cisco Catalyst SD-WAN Manager as a high-privileged user.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0003
Percentile
0,1th
Updated

EPSS Score Trend (Last 6 Days)

779

Logging of Excessive Data

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Non-Repudiation
Potential Impacts:
Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Other) Hide Activities
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: Low
View CWE Details
https://sec.cloudapps.cisco.com/security/center/content/Cis…
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/c…
https://sec.cloudapps.cisco.com/security/center/content/Cis…
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/c…