{"api_version":"1","generated_at":"2026-04-21T22:46:29+00:00","cve":"CVE-2026-20128","urls":{"html":"https://cve.report/CVE-2026-20128","api":"https://cve.report/api/cve/CVE-2026-20128.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20128","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20128"},"summary":{"title":"Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerability","description":"A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system.\r\n\r\nThis vulnerability is due to the presence of a credential file for the DCA user on an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request and reading the file that contains the DCA password from that affected system. A successful exploit could allow the attacker to access another affected system and gain DCA user privileges.\r\nNote: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability.","state":"PUBLISHED","assigner":"cisco","published_at":"2026-02-25 17:25:30","updated_at":"2026-04-21 12:48:20"},"problem_types":["CWE-257","CWE-257 Storing Passwords in a Recoverable Format"],"metrics":[{"version":"3.1","source":"psirt@cisco.com","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSSV3_1","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","data":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20128","name":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20128","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v","name":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v","refsource":"psirt@cisco.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20128","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20128","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.1.12","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.1.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.3.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.099","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.0.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.1.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.302","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.303","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.097","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.098","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 17.2.10","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.6.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.0.1a","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.2.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 17.2.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.3.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 17.2.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 17.2.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 17.2.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.0.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 17.2.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.3.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.501_ES","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.1.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.929","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.31","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.32","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2.1_927","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 18.4.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2_928","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2_929","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.1.0.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2.1_930","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.5.0.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.4.0.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2_937","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.5.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.1.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.0.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.1.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.1.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.0.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.1.1.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.1.0.02","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.1.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.1.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.5.1.0.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.1.10","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.0.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.0.14","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.4.0.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 19.2.4.0.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.0.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2.0.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.5.1.0.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.0.18.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.2.0.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.0.18.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2.0.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.0.16","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.1.0.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.0.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.7.1EFT2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.0.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.0.11","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.0.18","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.813","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.0.19","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.5.1.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.814","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.2.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.1.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.0.20","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.2.2.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2.2.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.2.0.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.0.24","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.2.2.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.2.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2.2.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.5.0.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.5.0.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.5.0.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.3.0.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.9.1EFT2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.4.2.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.5.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.3.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.7.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.4.0.25","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.2.2.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.1.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.1.3.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.6.5.1.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.3.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 20.12.501","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","version":"affected 26.1.1","platforms":[]}],"timeline":[{"source":"ADP","time":"2026-04-20T00:00:00.000Z","lang":"en","value":"CVE-2026-20128 added to CISA KEV"}],"solutions":[],"workarounds":[],"exploits":[{"source":"CNA","title":"","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in CVE-2026-20133, CVE-2026-20126, and CVE-2026-20129.\r\n\r\nIn March 2026, the Cisco PSIRT became aware of active exploitation of the vulnerabilities that are described in CVE-2026-20128 and CVE-2026-20122 only. The vulnerabilities that are described in the other CVEs in this advisory are not known to have been compromised. Cisco strongly recommends that customers upgrade to a fixed software release to remediate these vulnerabilities.","time":"","lang":"en"}],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"20128","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"catalyst_sd-wan_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2026","cve_id":"20128","cve":"CVE-2026-20128","vendorProject":"Cisco","product":"Catalyst SD-WAN Manager","vulnerabilityName":"Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability","dateAdded":"2026-04-20","shortDescription":"Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user.","requiredAction":"Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.","dueDate":"2026-04-23","knownRansomwareCampaignUse":"Unknown","notes":"CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ; https://nvd.nist.gov/vuln/detail/CVE-2026-20128","cwes":"CWE-257","catalogVersion":"2026.04.21","updated_at":"2026-04-21 13:32:17"},"epss":{"cve_year":"2026","cve_id":"20128","cve":"CVE-2026-20128","epss":"0.000120000","percentile":"0.016610000","score_date":"2026-04-20","updated_at":"2026-04-21 00:07:49"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-20128","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-02-25T00:00:00+00:00","version":"2.0.3"},"type":"ssvc"}},{"other":{"content":{"dateAdded":"2026-04-20","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20128"},"type":"kev"}}],"providerMetadata":{"dateUpdated":"2026-04-21T03:55:31.648Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["government-resource"],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20128"}],"timeline":[{"lang":"en","time":"2026-04-20T00:00:00.000Z","value":"CVE-2026-20128 added to CISA KEV"}],"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unknown","product":"Cisco Catalyst SD-WAN Manager","vendor":"Cisco","versions":[{"status":"affected","version":"20.1.12"},{"status":"affected","version":"19.2.1"},{"status":"affected","version":"18.4.4"},{"status":"affected","version":"18.4.5"},{"status":"affected","version":"20.1.1.1"},{"status":"affected","version":"20.1.1"},{"status":"affected","version":"19.3.0"},{"status":"affected","version":"19.2.2"},{"status":"affected","version":"19.2.099"},{"status":"affected","version":"18.3.6"},{"status":"affected","version":"18.3.7"},{"status":"affected","version":"19.2.0"},{"status":"affected","version":"18.3.8"},{"status":"affected","version":"19.0.0"},{"status":"affected","version":"19.1.0"},{"status":"affected","version":"18.4.302"},{"status":"affected","version":"18.4.303"},{"status":"affected","version":"19.2.097"},{"status":"affected","version":"19.2.098"},{"status":"affected","version":"17.2.10"},{"status":"affected","version":"18.3.6.1"},{"status":"affected","version":"19.0.1a"},{"status":"affected","version":"18.2.0"},{"status":"affected","version":"18.4.3"},{"status":"affected","version":"18.4.1"},{"status":"affected","version":"17.2.8"},{"status":"affected","version":"18.3.3.1"},{"status":"affected","version":"18.4.0"},{"status":"affected","version":"18.3.1"},{"status":"affected","version":"17.2.6"},{"status":"affected","version":"17.2.9"},{"status":"affected","version":"18.3.4"},{"status":"affected","version":"17.2.5"},{"status":"affected","version":"18.3.1.1"},{"status":"affected","version":"18.3.5"},{"status":"affected","version":"18.4.0.1"},{"status":"affected","version":"18.3.3"},{"status":"affected","version":"17.2.7"},{"status":"affected","version":"18.3.0"},{"status":"affected","version":"19.2.3"},{"status":"affected","version":"18.4.501_ES"},{"status":"affected","version":"20.3.1"},{"status":"affected","version":"20.1.2"},{"status":"affected","version":"19.2.929"},{"status":"affected","version":"19.2.31"},{"status":"affected","version":"20.3.2"},{"status":"affected","version":"19.2.32"},{"status":"affected","version":"20.3.2.1"},{"status":"affected","version":"20.3.2.1_927"},{"status":"affected","version":"18.4.6"},{"status":"affected","version":"20.3.2_928"},{"status":"affected","version":"20.3.2_929"},{"status":"affected","version":"20.4.1.0.1"},{"status":"affected","version":"20.3.2.1_930"},{"status":"affected","version":"19.2.4"},{"status":"affected","version":"20.5.0.1.1"},{"status":"affected","version":"20.4.1.1"},{"status":"affected","version":"20.3.3"},{"status":"affected","version":"19.2.4.0.1"},{"status":"affected","version":"20.3.2_937"},{"status":"affected","version":"20.5.1"},{"status":"affected","version":"20.1.3"},{"status":"affected","version":"20.3.3.0.4"},{"status":"affected","version":"20.3.3.1.2"},{"status":"affected","version":"20.3.3.1.1"},{"status":"affected","version":"20.4.1.2"},{"status":"affected","version":"20.3.3.0.2"},{"status":"affected","version":"20.4.1.1.5"},{"status":"affected","version":"20.4.1.0.02"},{"status":"affected","version":"20.3.3.1.7"},{"status":"affected","version":"20.3.3.1.5"},{"status":"affected","version":"20.5.1.0.1"},{"status":"affected","version":"20.3.3.1.10"},{"status":"affected","version":"20.3.3.0.8"},{"status":"affected","version":"20.4.2"},{"status":"affected","version":"20.3.4"},{"status":"affected","version":"20.3.3.0.14"},{"status":"affected","version":"19.2.4.0.8"},{"status":"affected","version":"19.2.4.0.9"},{"status":"affected","version":"20.3.4.0.1"},{"status":"affected","version":"20.3.2.0.5"},{"status":"affected","version":"20.5.1.0.2"},{"status":"affected","version":"20.6.1.1"},{"status":"affected","version":"20.6.0.18.3"},{"status":"affected","version":"20.3.2.0.6"},{"status":"affected","version":"20.6.0.18.4"},{"status":"affected","version":"20.4.2.0.2"},{"status":"affected","version":"20.3.3.0.16"},{"status":"affected","version":"20.6.1.0.1"},{"status":"affected","version":"20.3.4.0.6"},{"status":"affected","version":"20.7.1EFT2"},{"status":"affected","version":"20.3.4.0.9"},{"status":"affected","version":"20.3.4.0.11"},{"status":"affected","version":"20.3.3.0.18"},{"status":"affected","version":"20.6.2.1"},{"status":"affected","version":"20.3.4.1"},{"status":"affected","version":"20.4.2.1"},{"status":"affected","version":"20.4.2.1.1"},{"status":"affected","version":"20.3.4.1.1"},{"status":"affected","version":"20.3.813"},{"status":"affected","version":"20.3.4.0.19"},{"status":"affected","version":"20.4.2.2.1"},{"status":"affected","version":"20.5.1.2"},{"status":"affected","version":"20.3.814"},{"status":"affected","version":"20.4.2.2"},{"status":"affected","version":"20.6.2.2"},{"status":"affected","version":"20.3.4.2.1"},{"status":"affected","version":"20.3.4.1.2"},{"status":"affected","version":"20.3.4.0.20"},{"status":"affected","version":"20.6.2.2.3"},{"status":"affected","version":"20.4.2.2.2"},{"status":"affected","version":"20.6.2.0.4"},{"status":"affected","version":"20.3.4.0.24"},{"status":"affected","version":"20.6.2.2.7"},{"status":"affected","version":"20.3.4.2.2"},{"status":"affected","version":"20.4.2.2.4"},{"status":"affected","version":"20.3.5.0.8"},{"status":"affected","version":"20.3.5.0.9"},{"status":"affected","version":"20.3.5.0.7"},{"status":"affected","version":"20.6.3.0.2"},{"status":"affected","version":"20.9.1EFT2"},{"status":"affected","version":"20.3.6"},{"status":"affected","version":"20.3.7"},{"status":"affected","version":"20.4.2.3"},{"status":"affected","version":"20.3.5.1"},{"status":"affected","version":"20.3.4.3"},{"status":"affected","version":"20.3.3.2"},{"status":"affected","version":"20.3.7.1"},{"status":"affected","version":"20.3.4.0.25"},{"status":"affected","version":"20.6.2.2.4"},{"status":"affected","version":"20.6.1.2"},{"status":"affected","version":"20.1.3.1"},{"status":"affected","version":"20.6.5.1.4"},{"status":"affected","version":"20.3.8"},{"status":"affected","version":"20.12.501"},{"status":"affected","version":"26.1.1"}]}],"descriptions":[{"lang":"en","value":"A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system.\r\n\r\nThis vulnerability is due to the presence of a credential file for the DCA user on an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request and reading the file that contains the DCA password from that affected system. A successful exploit could allow the attacker to access another affected system and gain DCA user privileges.\r\nNote: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability."}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in CVE-2026-20133, CVE-2026-20126, and CVE-2026-20129.\r\n\r\nIn March 2026, the Cisco PSIRT became aware of active exploitation of the vulnerabilities that are described in CVE-2026-20128 and CVE-2026-20122 only. The vulnerabilities that are described in the other CVEs in this advisory are not known to have been compromised. Cisco strongly recommends that customers upgrade to a fixed software release to remediate these vulnerabilities."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","version":"3.1"},"format":"cvssV3_1"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-257","description":"Storing Passwords in a Recoverable Format","lang":"en","type":"cwe"}]}],"providerMetadata":{"dateUpdated":"2026-03-20T21:47:33.415Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"cisco-sa-sdwan-authbp-qwCX8D4v","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v"}],"source":{"advisory":"cisco-sa-sdwan-authbp-qwCX8D4v","defects":["CSCws33585"],"discovery":"INTERNAL"},"title":"Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerability"}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2026-20128","datePublished":"2026-02-25T16:14:12.353Z","dateReserved":"2025-10-08T11:59:15.379Z","dateUpdated":"2026-04-21T03:55:31.648Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-02-25 17:25:30","lastModifiedDate":"2026-04-21 12:48:20","problem_types":["CWE-257","CWE-257 Storing Passwords in a Recoverable Format"],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":6}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"20.9.8.2","matchCriteriaId":"0388BD67-C1AD-4E47-8B1A-22EE1634190E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.10","versionEndExcluding":"20.12.5.3","matchCriteriaId":"ADAB32B5-239D-4DC0-BF30-A6D72ACB3710"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.13","versionEndExcluding":"20.15.4.2","matchCriteriaId":"D284EA84-6C27-4A9C-BDA2-D1C5BF1F2356"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.16","versionEndExcluding":"20.18","matchCriteriaId":"79B0897E-0FF3-44CA-901F-A10A6921672D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.6:*:*:*:*:*:*:*","matchCriteriaId":"F5B6E170-73B8-4838-93B4-AD258F3BCA7C"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20128","Ordinal":"1","Title":"Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerabili","CVE":"CVE-2026-20128","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20128","Ordinal":"1","NoteData":"A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system.\r\n\r\nThis vulnerability is due to the presence of a credential file for the DCA user on an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request and reading the file that contains the DCA password from that affected system. A successful exploit could allow the attacker to access another affected system and gain DCA user privileges.\r\nNote: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability.","Type":"Description","Title":"Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerabili"}]}}}