CVE-2023-20179

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 27, 2023
Updated: Jan 25, 2024
CWE ID 79
CWE ID 80

Summary

CVE-2023-20179 is a vulnerability that affects the web-based management interface of Cisco Catalyst SD-WAN Manager. The vulnerability allows an authenticated remote attacker to inject HTML content into the system. This is possible due to improper validation of user-supplied data in element fields. Exploiting this vulnerability could lead to the modification of pages within the web-based management interface, potentially enabling further browser-based attacks against users. To remediate this vulnerability, Cisco has released software updates that address the issue and recommends that users apply these updates as soon as possible.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-20179 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options