Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2026-20210
Analyzed
More InfoOfficial Page
Source-psirt@cisco.com
View Known Exploited Vulnerability (KEV) details
Published At-14 May, 2026 | 17:16
Updated At-29 Jun, 2026 | 17:35

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This vulnerability exists because of a failure to redact sensitive information within device configurations and templates. An attacker could exploit this vulnerability by elevating their read-only permissions to those of a high-privileged user. A successful exploit could allow the attacker to access or modify configuration settings within Cisco Catalyst SD-WAN Manager as a high-privileged user.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
N/A
Type: Secondary
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Cisco Systems, Inc.
cisco
>>catalyst_sd-wan_manager>>Versions before 20.9.9.1(exclusive)
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_sd-wan_manager>>Versions from 20.10(inclusive) to 20.12.5.4(exclusive)
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_sd-wan_manager>>Versions from 20.12.6(inclusive) to 20.12.6.2(exclusive)
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_sd-wan_manager>>Versions from 20.13(inclusive) to 20.15.4.4(exclusive)
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_sd-wan_manager>>Versions from 20.15.5(inclusive) to 20.15.5.2(exclusive)
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_sd-wan_manager>>Versions from 20.16(inclusive) to 20.18.2.2(exclusive)
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_sd-wan_manager>>Versions from 26.1(inclusive) to 26.1.1.1(exclusive)
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_sd-wan_manager>>20.12.7
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.7:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-779Secondarypsirt@cisco.com
CWE ID: CWE-779
Type: Secondary
Source: psirt@cisco.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7Rpsirt@cisco.com
Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZkpsirt@cisco.com
Not Applicable
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk
Source: psirt@cisco.com
Resource:
Not Applicable
Change History
0Changes found

Details not found