Cisco Catalyst SD-WAN Manager
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*
A vulnerability exists in the web UI of Cisco Catalyst SD-WAN Manager that could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions. This issue arises from a failure to properly redact sensitive information in device configurations and templates, enabling attackers to elevate their permissions to those of a high-privileged user. Exploitation of this vulnerability could lead to unauthorized access or modification of configuration settings within Cisco Catalyst SD-WAN Manager as a high-privileged user.
Exploitation allows an attacker to elevate read-only permissions to high privileges, enabling unauthorized modifications to configurations and actions within the application.
Cisco has released software updates to address this vulnerability. Customers should upgrade to the latest version of Cisco Catalyst SD-WAN Software. For additional information, consult the Cisco Catalyst SD-WAN Upgrade Matrix or contact the Cisco Technical Assistance Center (TAC).