Cisco Catalyst SD-WAN Manager Certificate Validation Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.9 Security Advisory

TL;DR 📌

A vulnerability in the Cisco Catalyst SD-WAN Manager could allow an unauthenticated remote attacker to access sensitive information due to improper certificate validation. Cisco has released updates to address this issue, but there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability has been identified in the certificate validation processing of Cisco Catalyst SD-WAN Manager, previously known as Cisco SD-WAN vManage. This flaw could enable an unauthenticated remote attacker to exploit improper validation of certificates used by the Smart Licensing feature. By intercepting traffic sent over the Internet, an attacker could potentially gain access to sensitive information, including device credentials for connecting to Cisco cloud services.

Affected products 🖥️

The vulnerability affects Cisco Catalyst SD-WAN Manager when it is configured to connect to Smart Licensing services hosted by Cisco. For detailed information on which specific software releases are vulnerable, please refer to the Fixed Software section of the advisory.

Fixed software 🔧

Upgrade to at least the first fixed release in your train (or later):

Product / Release Train First Fixed Release Notes
ISE / ISE-PIC 20.12 20.12.5
ISE / ISE-PIC 20.15 20.15.2
ISE / ISE-PIC 20.16 Not vulnerable.
ISE / ISE-PIC 1.0 Initial public release.

Workarounds 🧯

There are no workarounds available to mitigate this vulnerability.

Risk in context 🎯

The highest CVSS score for this vulnerability is 5.9, categorized as MEDIUM severity. While this indicates a moderate risk, the potential for an attacker to access sensitive information underscores the importance of applying the provided software updates promptly.

Fast facts ⚡

  • Advisory ID: cisco-sa-catalyst-tls-PqnD5KEJ
  • CVSS Score: 5.9 (MEDIUM)
  • Vulnerability Type: Certificate Validation
  • Exploitation: Possible via privileged network position
  • No workarounds available

For leadership 🧭

It is crucial for organizations using Cisco Catalyst SD-WAN Manager to prioritize the application of the latest software updates to mitigate the risk associated with this vulnerability. The potential exposure of sensitive information could have significant implications for security and compliance. Regularly reviewing Cisco’s security advisories and ensuring that all systems are updated is a best practice for maintaining a secure network environment.