CVE-2026-20129
CRITICAL WAF: Low
CVSS 9.8
Published: 2026-02-25
CWE-287
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of the netadmin role. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability.
WAF Coverage Analysis
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Affected Software
| Vendor | Product | Version |
|---|---|---|
| cisco | catalyst_sd-wan_manager | up to 20.9.8.2 |
| cisco | catalyst_sd-wan_manager | 20.11 - 20.12.5.3 |
| cisco | catalyst_sd-wan_manager | 20.13 - 20.15.4.2 |
| cisco | catalyst_sd-wan_manager | 20.16 - 20.18 |
| cisco | catalyst_sd-wan_manager | 20.12.6 |
References
- sec.cloudapps.cisco.com (Vendor Advisory)