CVE-2026-20210
Description
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system.
This vulnerability exists because of a failure to redact sensitive information within device configurations and templates. An attacker could exploit this vulnerability by elevating their read-only permissions to those of a high-privileged user. A successful exploit could allow the attacker to access or modify configuration settings within Cisco Catalyst SD-WAN Manager as a high-privileged user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An authenticated, read-only user can elevate privileges via Cisco Catalyst SD-WAN Manager's failure to redact sensitive data in configurations.
Vulnerability
The vulnerability exists in the web UI of Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage). It is caused by a failure to redact sensitive information within device configurations and templates [2]. Any deployment type is affected, including On-Prem and cloud-hosted instances [2].
Exploitation
An attacker with valid read-only credentials for the affected system can exploit this flaw. By reviewing device configurations and templates that contain unredacted sensitive data, the attacker can obtain the credentials of a high-privileged user [1][2]. No additional user interaction or race window is required.
Impact
Successful exploitation grants the attacker an effective privilege escalation from read-only to high-privileged user access. This allows the attacker to view or modify any configuration settings within Cisco Catalyst SD-WAN Manager, potentially compromising the entire SD-WAN fabric's security [2].
Mitigation
Cisco has released software updates that address this vulnerability. There are no workarounds. Customers should upgrade to the fixed software version indicated in the Cisco Security Advisory [2].
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
Patches (0)
No patches discovered yet.
References (2)
News mentions (1)
- Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) · Help Net Security · May 15, 2026