PT-2026-21955 · Cisco · Cisco Catalyst Sd-Wan Manager
Arthur Vidineyev · Published 2026-02-25 · Updated 2026-03-20 · CVE-2026-20128
CVSS v3.1: 7.5 High | AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco Catalyst SD-WAN Manager versions prior to 20.18
Description
A flaw exists in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager. This issue could allow an authenticated, local attacker with valid vmanage credentials to obtain DCA user privileges on a vulnerable system. The root cause is the storage of DCA user credentials in a recoverable format within a credential file on the affected system. An attacker with low-privileged access to the filesystem can read this file and extract the DCA password. Successful exploitation could enable the attacker to access other affected systems and gain DCA user privileges.
Recommendations
Upgrade to Cisco Catalyst SD-WAN Manager version 20.18 or later.
Fix
LPE
Affected Products
Cisco Catalyst Sd-Wan Manager