Details of VAR-202602-4478

ID

VAR-202602-4478

CVE

CVE-2026-20126

TITLE

Cisco Systems Cisco Catalyst SD-WAN Manager privilege in API Improper Use Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2026-006164

DESCRIPTION

A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system. This vulnerability is due to an insufficient user authentication mechanism in the REST API. An attacker could exploit this vulnerability by sending a request to the REST API of the affected system. A successful exploit could allow the attacker to gain root privileges on the underlying operating system. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-20126 // JVNDB: JVNDB-2026-006164

AFFECTED PRODUCTS

vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.12.5.3	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	gte	version:	20.11	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	gte	version:	20.16	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	gte	version:	20.13	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	eq	version:	20.12.6	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.18.2.1	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.9.8.2	Trust: 1.0
vendor:	cisco	model:	catalyst sd-wan manager	scope:	lt	version:	20.15.4.2	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.9.8.2	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.16 that's all 20.18.2.1	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.13 that's all 20.15.4.2	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.11 that's all 20.12.5.3	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	20.12.6	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco catalyst sd-wan manager	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2026-006164 // NVD: CVE-2026-20126

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@cisco.com:	CVE-2026-20126
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2026-20126
value:	HIGH
Trust: 1.0
NVD:	CVE-2026-20126
value:	HIGH
Trust: 0.8

psirt@cisco.com:	CVE-2026-20126
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2026-20126
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2026-20126
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-006164 // NVD: CVE-2026-20126 // NVD: CVE-2026-20126

PROBLEMTYPE DATA

problemtype:	CWE-648	Trust: 1.0
problemtype:	privilege API improper use of (CWE-648) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-006164 // NVD: CVE-2026-20126

PATCH

title:

Cisco Catalyst SD-WAN Vulnerabilities

url:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

Trust: 0.8

sources: JVNDB: JVNDB-2026-006164

EXTERNAL IDS

db:	NVD	id:	CVE-2026-20126	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-006164	Trust: 0.8

sources: JVNDB: JVNDB-2026-006164 // NVD: CVE-2026-20126

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sdwan-authbp-qwcx8d4v	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2026-20126	Trust: 0.8

sources: JVNDB: JVNDB-2026-006164 // NVD: CVE-2026-20126

SOURCES

db:	JVNDB	id:	JVNDB-2026-006164
db:	NVD	id:	CVE-2026-20126

LAST UPDATE DATE

2026-03-09T23:46:19.733000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-006164	date:	2026-03-06T06:39:00
db:	NVD	id:	CVE-2026-20126	date:	2026-03-04T21:21:49.053

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-006164	date:	2026-03-06T00:00:00
db:	NVD	id:	CVE-2026-20126	date:	2026-02-25T17:25:28.840