Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2020-3592

Published: 06/11/2020 Updated: 07/11/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Sd-wan Vmanage

Vulnerability Summary

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to bypass authorization and modify the configuration of an affected system. The vulnerability is due to insufficient authorization checking on an affected system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the malicious user to gain privileges beyond what would normally be authorized for their configured user authorization level. This could allow the malicious user to modify the configuration of an affected system.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco sd-wan vmanage

cisco catalyst sd-wan manager 20.3.1

Vendor Advisories

Cisco: Cisco SD-WAN vManage Software Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system The vulnerability is due to insufficient authorization checking on an affected system An attacker could exploit this vulnerability by sendin ...

Exploits

Exploit DB: VMware vCenter Server 6.7 Authentication Bypass
VMware vCenter Server version 67 authentication bypass exploit ...

References

CWE-863https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanuafw-ZHkdGGEyhttps://nvd.nist.govhttps://packetstormsecurity.com/files/157896/VMware-vCenter-Server-6.7-Authentication-Bypass.htmlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanuafw-ZHkdGGEy
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook