CVE-2020-26073
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 18, 2024
CWE ID 35
Summary
CVE-2020-26073 is a vulnerability affecting Cisco SD-WAN vManage Software. It allows unauthenticated, remote attackers to access sensitive information by exploiting improper validation of directory traversal character sequences in application programmatic interface (API) requests. Malicious requests to an API can result in directory traversal attacks, potentially granting attackers access to credentials or user tokens. This issue has been addressed through software updates; no workarounds are available.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Cisco Catalyst SD-WAN Manager
Affected Vendors
- Cisco Systems Inc