Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability

Vulnerability

A reflected HTML injection vulnerability has been identified in the web interface of Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage). It allows an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. The issue arises from improper input sanitization in the web interface. An attacker could exploit it by persuading an authenticated user to click on a malicious link.

Impact

Exploitation of this vulnerability could allow an attacker to inject HTML into the browser of an authenticated Cisco Catalyst SD-WAN Manager user.

Remediation

Cisco has released software updates to address this vulnerability. Customers are advised to upgrade to a fixed release. For guidance on upgrading, consult the Cisco Security Advisories page or contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 3.1
impact: 1.7
exploitability: 6.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.