CVE-2020-3378

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vManage Software (affected versions not specified)

Description The issue is related to insufficient validation of user-supplied input in the web-based management interface, allowing an authenticated, remote attacker to execute arbitrary SQL queries. This could impact the integrity of an affected system. An attacker could exploit this by sending crafted input that includes SQL statements to an affected system, potentially modifying entries in some database tables and affecting data integrity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.