PT-2023-5510 · Cisco · Cisco Catalyst Sd-Wan Manager

Published: 2023-09-27 · Updated: 2024-01-25 · CVE-2023-20252

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Cisco Catalyst SD-WAN Manager Software (affected versions not specified)

Description: A vulnerability in the Security Assertion Markup Language (SAML) APIs could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This issue is due to improper authentication checks for SAML APIs. An attacker could exploit this vulnerability by sending requests directly to the SAML API, potentially generating an authorization token sufficient to gain access to the application.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Missing Authorization
Improper Authentication

Related Identifiers

BDU:2023-06158
CVE-2023-20252

Affected Products

Cisco Catalyst Sd-Wan Manager