PT-2026-21957 · Cisco · Cisco Catalyst Sd-Wan Manager
Arthur Vidineyev
·
Published
2026-02-25
·
Updated
2026-04-21
·
CVE-2026-20133
CVSS v2.0
7.8
High
| AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Catalyst SD-WAN Manager (affected versions not specified)
Description
An issue in Cisco Catalyst SD-WAN Manager allows an unauthenticated remote attacker to view sensitive information on an affected system. This is caused by insufficient file system access restrictions. An attacker can exploit this by accessing the API of the system to read sensitive information from the underlying operating system. This flaw has been confirmed as exploited in the wild and is included in the CISA Known Exploited Vulnerabilities catalog.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Catalyst Sd-Wan Manager