Published on: Not Yet Published
Last Modified on: 10/13/2022 04:53:00 PM UTC
CVE-2022-20830 - advisory for cisco-sa-sdwan-avc-NddSGB8Source: Mitre Source: NIST CVE.ORG Print: PDF
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses.
- CVE-2022-20830 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.
- The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
- Affected Vendor/Software: Cisco - Cisco SD-WAN vManage version n/a
CVSS3 Score: 5.3 - MEDIUM
|No Description Provided|| tools.cisco.com |
|CISCO 20220928 Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability|
Related QID Numbers
- 317240 Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability (cisco-sa-sdwan-avc-NddSGB8)
Known Affected Configurations (CPE V2.3)