Cisco Catalyst SD-WAN Manager Certificate Validation Vulnerability Allowing Sensitive Information Access

Vulnerability

A vulnerability exists in the certificate validation process of Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage). This issue could enable an unauthenticated, remote attacker to access sensitive information. The vulnerability arises from improper validation of certificates used by the Smart Licensing feature. An attacker with a privileged network position could exploit this by intercepting Internet traffic, potentially gaining access to sensitive data, including credentials used by the device to connect to Cisco cloud services.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, including credentials for Cisco cloud services.

Remediation

Cisco has released software updates to address this vulnerability. Customers are advised to upgrade to a fixed release. For guidance on upgrading, consult the Cisco Security Advisories page or contact the Cisco Technical Assistance Center (TAC) or a contracted maintenance provider.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 2.5
exploitability: 6.2
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.