CVE-2020-26073

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 18, 2024
CWE ID 35

Summary

CVE-2020-26073 is a vulnerability affecting Cisco SD-WAN vManage Software. It allows unauthenticated, remote attackers to access sensitive information by exploiting improper validation of directory traversal character sequences in application programmatic interface (API) requests. Malicious requests to an API can result in directory traversal attacks, potentially granting attackers access to credentials or user tokens. This issue has been addressed through software updates; no workarounds are available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Cisco Catalyst SD-WAN Manager

Affected Vendors

  • Cisco Systems Inc