SB20260514105 - Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager

Security Bulletin ID SB20260514105

CSH Severity

High

Patch available

YES

Number of vulnerabilities 3

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 3 vulnerabilities.

1) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2026-20209)

The vulnerability allows a remote user to escalate privileges.

The vulnerability exists due to insertion of sensitive information into log files in the web UI when recording audit logs. A remote user can leverage sensitive session information in audit logs to escalate privileges.

The issue requires read-only permissions.

2) Information disclosure (CVE-ID: CVE-2026-20210)

The vulnerability allows a remote user to modify configurations and perform unauthorized actions.

The vulnerability exists due to improper redaction of sensitive information in device configurations and templates in the web UI when exposing configuration data. A remote user can leverage exposed sensitive information to modify configurations and perform unauthorized actions.

The issue requires read-only permissions.

3) XML External Entity injection (CVE-ID: CVE-2026-20224)

The vulnerability allows a remote attacker to read arbitrary files.

The vulnerability exists due to improper handling of XML external entity entries in the web UI when parsing an XML file. A remote attacker can send a crafted request to read arbitrary files.

Remediation

Install update from vendor's website.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R