CVE-2019-16002

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN Solution vManage (affected versions not specified)

Description The issue is related to a cross-site request forgery (CSRF) attack in the vManage web-based UI of the Cisco SD-WAN Solution. This attack could allow an unauthenticated, remote attacker to perform arbitrary actions with the privilege level of the affected user. The vulnerability is due to insufficient CSRF protections for the web UI. An attacker could exploit this by persuading a user to follow a malicious link.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.