Cisco Catalyst SD-WAN Manager Data Collection Agent Privilege Escalation Vulnerability

A vulnerability exists in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager, prior to version 20.18. This vulnerability allows an authenticated, local attacker to gain DCA user privileges on the affected system. The issue arises because a credential file containing the DCA password is accessible to low-privileged users. An attacker with valid vmanage credentials can exploit this vulnerability by reading the credential file and using the DCA privileges to access other affected systems.

Impact

Exploitation of this vulnerability could lead to unauthorized access and privilege escalation, allowing the attacker to gain DCA user rights on the affected system and potentially access other systems with similar privileges.

Remediation

Cisco has released software updates to address this vulnerability. Customers are advised to upgrade to version 20.18.2.1 or later. For additional guidance, consult the Cisco Catalyst SD-WAN Upgrade Matrix or contact the Cisco Technical Assistance Center (TAC).