CVE-2020-3401

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vManage Software (affected versions not specified)

Description The issue is related to insufficient validation of HTTP requests in the web-based management interface, allowing an authenticated, remote attacker to conduct path traversal attacks. This could enable the attacker to obtain read access to sensitive files on the affected system by sending a crafted HTTP request containing directory traversal character sequences. A successful exploit could allow the attacker to view arbitrary files on the affected system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.