CVE-2020-26064

{"id": "CVE-2020-26064", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2023-08-04T21:15:09.580", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx2-KpFVSUc", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx2-KpFVSUc", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-611"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system.\r\n The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application."}], "lastModified": "2024-11-21T05:19:07.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:17.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0D5F32C-BFC1-49CC-BE96-920FCBE567B0"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:17.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F621202C-3851-4D7E-BFA2-DABB08E73DB6"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:17.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38132BE5-528B-472E-9249-B226C0DE1C80"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:17.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37C817B2-DDB9-4CAF-96C9-776482A8597D"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:17.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC5D29FD-0917-4C1F-AE75-2D63F5C9C58D"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:17.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E3090C4-15E6-4746-B0D2-27665AB91B08"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:17.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04E924CC-3161-436D-93F0-066F76172F55"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ED059CD-AD0A-4748-8390-8CDCF4C4D1CC"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6990E97D-30E9-42A9-AE6A-CC597DF75B0B"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15B60BA4-EA02-4D0D-82C3-1B08016EF5AE"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9DC51F7-72D4-4593-8DDE-8AA3955BB826"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B047A011-1C27-4D86-99C1-BFCDC7F04A9B"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DADEA8FB-3298-4534-B65E-81060E3DB45A"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4C6DF1F-4995-4486-8F90-9EFD6417ABA6"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D249954-93E0-4124-B9BA-84B9F34D7CB1"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7F20EBE-DFDF-4996-93D1-28EE776BC777"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DF09CAB-CA1B-428E-9A0B-AADACE9201A0"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D99ED480-C206-48DD-9DF3-FC60D91B98A3"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DC515B6-27A3-4723-9792-2BA42EF63E44"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEC0BBDA-FAE5-4AF7-81C8-83041A58E8E7"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A066E28-31B0-46C7-ABB8-F5D1F3A303C9"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8F536CC-29D6-401E-92C5-964FDBDCCE65"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9139593A-9414-488D-AA3A-5560C643587D"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07BFB47E-F456-4782-98D7-68D02500FDD3"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.4.302:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33BEBE47-AF47-4994-871D-5969270EE5AD"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:18.4.303:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A27094E7-E6F3-47CA-A90A-86FEA2F1BE33"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D6D47A0-43A2-4F9F-830B-B2FB79E779A5"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87E7B932-950A-4573-832F-8477FABA5929"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1711A70-5931-4C1F-B522-46AD2E5D7C51"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE41B8AE-8F1E-4116-BDDC-65B913AD448E"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EC80219-C760-4CA8-B360-7B6545F502C2"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.2.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9E425CF-5773-4C17-B284-588DDCE8DE43"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.2.097:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34886EDF-1C10-4F57-A82D-FF1AF668E2C1"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.2.099:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D7B3B10-6936-4352-9EE7-561BB1918769"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.2.929:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EB69F8B-67CB-4296-893A-7A35B155EBEA"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:19.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "491BD04C-85BE-4766-9965-59744D2639CE"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "545F75A3-451C-4993-98AE-51C23EF49927"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BB0DD6B-6C4D-4FF4-97AB-815A4566320F"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "482DC851-7E33-4487-8219-6675091FD7C7"}, {"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAFBFE36-6913-4122-A537-F2AA1562FE69"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}