Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability

An authentication bypass vulnerability has been identified in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager. This vulnerability allows an unauthenticated, remote attacker to bypass authentication and gain administrative privileges on the affected system. The issue arises because the peering authentication mechanism is not functioning correctly. Exploitation involves sending crafted requests to the system, which could enable the attacker to log in as a high-privileged, non-root user. With this access, the attacker could utilize NETCONF to manipulate network configurations within the SD-WAN fabric.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative access on the affected system, allowing an attacker to manipulate network configurations via NETCONF.

Remediation

Cisco has released software updates to address this vulnerability. Affected users should upgrade to the latest version of Cisco Catalyst SD-WAN Software. For specific upgrade instructions, consult the Cisco Catalyst SD-WAN Upgrade Matrix or the Cisco Product Security Incident Response Team (PSIRT) guidance.