CVE-2023-20253

Summary

CVE-2023-20253 is a vulnerability affecting the command line interface (CLI) management interface of Cisco SD-WAN vManage. An authenticated, local attacker with read-only access to the CLI can exploit this issue and bypass authorization, enabling them to roll back configurations on vManage controllers and edge routers. This vulnerability arises due to insufficient access control in the CLI-management interface. The attacker can send a rollback request to impact other controllers and devices managed by an affected system, potentially leading to significant configuration changes.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.