CVE-2020-26064

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vManage Software (affected versions not specified)

Description The issue is related to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this by persuading a user to import a crafted XML file with malicious entries, potentially gaining read and write access to information stored on the affected system. This could allow the attacker to read and write files within the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.