CVE-2026-20182
Published May 14, 2026
Last updated a month ago
AI description
CVE-2026-20182 is an authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst SD-WAN Manager (formerly vManage). The flaw resides in the peering authentication mechanism during the control connection handshaking process, which does not function correctly. This allows an unauthenticated, remote attacker to bypass authentication by sending crafted requests to the affected system. A successful exploit enables the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as a high-privileged, non-root user account. From this position, the attacker can access NETCONF, which then allows them to manipulate the network configuration for the entire SD-WAN fabric. This vulnerability has been added to CISA's Known Exploited Vulnerabilities Catalog.
- Description
- May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show Control Connections guidance to help with system checks. A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- catalyst_sd-wan_manager, sd-wan_vsmart_controller
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
- Exploit added on
- May 14, 2026
- Exploit action due
- May 17, 2026
- Required action
- Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- psirt@cisco.com
- CWE-287
- Hype score
- Not currently trending
🚨 CISA has added a new Cisco Catalyst SD-WAN zero-day to its Known Exploited Vulnerabilities catalog. CVE-2026-20245 (CVSS 7.8) — allows arbitrary command execution as root. But here's the dangerous part — attackers are chaining 3 CVEs together: 🔗 CVE-2026-20182 (CVS
@techepages
12 Jun 2026
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco ha confermato lo sfruttamento attivo di CVE-2026-20245 nel Catalyst SD-WAN Manager — il settimo zero-day sulla piattaforma dall'inizio del 2026. L'attore UAT-8616, attivo su questi sistemi dal 2023, ha già sfruttato CVE-2026-20127 e CVE-2026-20182 (CVSS 10.0 auth bypass)
@trinacriatech
9 Jun 2026
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182) https://t.co/wppI7gzCfW https://t.co/xg1lNlE1hw
@dansantanna
23 May 2026
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 #CyberSecurity CVE-2026-20182: Cisco Catalyst SD-WAN Auth Bypass & HUSTOJ RCE Detection Guide "Metasploit modules released for critical flaws in Cisco Catalyst SD-WAN and HUSTOJ." 🔗 https://t.co/GhaMLMuSUw #CyberSecurity #ThreatIntel #cve #zeroday #patchtuesday
@SecurityAr58409
23 May 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
تم إصدار نموذج تجاوز المصادقة لـ Cisco Catalyst SD-WAN Controller vHub (CVE-2026-20182). هذا الإعلان يهم المهنيين في مجال الأمن السيبراني والشبكات. An authentication bypass module for Cisco Catalyst SD-W
@fad_777
22 May 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Catalyst SD-WAN Zero-Day Vulnerability (CVE-2026-20182) https://t.co/0AaGDAWsej A critical vulnerability, CVE-2026-20182, with a CVSS score of 10, was disclosed by Cisco on May 14th, 2026, affecting Cisco Catalyst SD-WAN Controller and SD-WAN Manager. This flaw allows re
@f1tym1
22 May 2026
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Recent DNS DoS and Windows DNS RCE (CVE-2026-41096) expose transit data via network code execution. A Cisco SD-WAN zero-day (CVE-2026-20182) also risks integrity/privacy in transit. Patch now! #Cybersecurity #NetSec #Vulnerabilities
@YourAnon_irc
21 May 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Catalyst SD-WAN Authentication Bypass (CVE-2026-20182) #education #networking #tech #thenetworkdna https://t.co/QSYR1YUT08
@Networksbaselin
20 May 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
للمرة السادسة هذا العام، ثغرة authentication bypass في Cisco Catalyst SD-WAN تُضاف لقائمة CISA KEV. CVE-2026-20182 بـ CVSS 10.0 تمنح مهاجماً بعيداً صلاحيات admin بحزم مُعدّة بدون بيانات دخول.
@KasperskyDev
20 May 2026
109 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 THREAT ALERT May 20 2026: Cisco SD-WAN CVE-2026-20182 OVERDUE patch. PAN-OS RCE CVE-2026-0300. Active: ClearFake RemcosRAT Vidar CobaltStrike Mirai. NYC H+H 1.8M breach. Block malicious IPs and domains listed in full report. #CyberSecurity #ThreatIntel #InfoSec https://t.co/
@404LABSx
20 May 2026
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New critical zero-days & CVEs: OWA Spoofing (CVE-2026-42897), SD-WAN (CVE-2026-20182), and PAN-OS (CVE-2026-0300) actively exploited. Threatens data privacy & integrity in transit. #Cybersecurity #ZeroDay #News
@YourAnon_irc
20 May 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two critical zero-days need your attention today. Unpatched Exchange CVE-2026-42897: exploited via crafted email, no patch yet. Cisco SD-WAN CVE-2026-20182 (CVSS 10.0): max-severity auth bypass, CISA 3-day federal deadline. Both active in the wild now. https://t.co/F0vOZsc5S2 htt
@OpenVPN
19 May 2026
105 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-2276 2 - CVE-2026-42945 3 - CVE-2026-20182 4 - CVE-2026-40369 5 - CVE-2026-29205 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
19 May 2026
140 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2026-20182 في Cisco Catalyst SD-WAN Controller تُستغل الآن كـ zero-day من مجموعة UAT-8616. المهاجم يتجاوز المصادقة عبر UDP 12346 ويحقن SSH keys ويعيد كتابة إعدادات SD-WAN بالكامل. CISA أصدرت
@KasperskyDev
19 May 2026
148 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
【Cisco SD-WAN CVE-2026-20182、KEV入り・管理者権限取得リスク】 Cisco Catalyst SD-WAN Controller/ManagerのCVE-2026-20182がCISA KEVに追加され、CVSS
@01ra66it
19 May 2026
195 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-41089 2 - CVE-2023-38606 3 - CVE-2020-17103 4 - CVE-2026-46333 5 - CVE-2026-20182 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
18 May 2026
159 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
cisco dropped CVE-2026-20182. an unauth bug, CVSS 10.0, exploit available. if you have cisco in your stack, rotate keys and lock down 0.0.0.0/0 access on port 22. #Cisco #exploit #CVE-2026-20182 https://t.co/ylsKtqEBBU
@trerbbb
18 May 2026
84 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Cisco SD-WAN (CVE-2026-20182) and Exchange Server (CVE-2026-42897) are actively exploited in the wild! Discover the top threats you must patch now. #CyberSecurity #InfoSec #VulnerabilityAlert #CVE202620182 #CVE202642897 #Cisco #ExchangeServer #ZeroDay https://t.co/sHCEyUdZVd htt
@the_yellow_fall
18 May 2026
428 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
20:24 UTC: CVE-2026-20182 disclosed. ‼️CVE-2026-20182: Critical Cisco SD-WAN Auth Bypass Under Active Exploitation 0day Intel: ‼️CVE-2026-20182: Critical Cisco SD-WAN Auth Bypass Under Active Exploitation
@lyrie_ai
18 May 2026
63 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Ciscoが、悪用されている別のSD-WANゼロデイ脆弱性(CVE-2026-20182)に対するパッチを公開 Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) #HelpNetSecurity (May 15) https://t.co/b7X1pMUsJg
@foxbook
18 May 2026
273 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-20182: Today @rapid7 and Cisco are disclosing CVE-2026-20182, a critical (CVSS 10.0) auth bypass affecting Cisco Catalyst SD-WAN Controller, found by @CryptoCat and I when we were researching CVE-2026-20127 last Feb. An unauth attacker can become the vmanage-admin…
@lyrie_ai
18 May 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
米当局、「Cisco SD-WAN」の脆弱性悪用で緊急対応を要請:Security NEXT https://t.co/AJJoyM3PCs "認証をバイパスできる脆弱性「CVE-2026-20182」が判明。共通脆弱性評価システム「CVSSv3.1」のベーススコアは「10.0」と評価…
@catnap707
17 May 2026
296 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-20182: 🚨 Rapid7 Labs has discovered an authentication bypass vuln. affecting #Cisco Catalyst SD-WAN Controller (FKA vSmart). CVE-2026-20182 has a Critical CVSSv3.1 score of 10.0 and allows a remote unauth. attacker to perform privileged operations. Read on:…
@lyrie_ai
17 May 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical exploits (May 16): Exchange (CVE-2026-42897), SD-WAN (CVE-2026-20182) & DNS (CVE-2026-41096) severely threaten data privacy/integrity in transit. NGINX QUIC/SSL flaws deepen risks. #Cybersecurity #Vulnerabilities #News
@YourAnon_irc
17 May 2026
108 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Cisco Catalyst SD-WAN CVE-2026-20182: Critical Auth Bypass https://t.co/1EUGD7L3jB #Cybertrending #Cybernewsdaily #Cybersecurity
@TheCyberDef
17 May 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Catalyst SD-WAN CVE-2026-20182: Critical Auth Bypass https://t.co/nPkM1b8osh #Cybertrending #Cybernewsdaily #Cybersecurity
@CyberInsights1
17 May 2026
10 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISO Daily Briefing: Cisco Catalyst SD-WAN CVE-2026-20182 (CVSS 10.0) hits federal patch deadline today — UAT-8616 actively exploiting; OpenClaw 4-CVE chain reaches CVSS 9.6 via unauthenticated sandbox escape; CISA issued its first agentic AI security guidance with 12–18 mont
@cloudsa
17 May 2026
273 Impressions
0 Retweets
4 Likes
1 Bookmark
1 Reply
0 Quotes
🚨 Threat Intel Brief — May 17, 2026 🔴 CRITICAL: Cisco SD-WAN CVE-2026-20182 — patch DUE TODAY 🔴 Palo Alto PAN-OS CVE-2026-0300 — RCE active 🟠 Active: ClearFake, Mirai, Vidar Stealer, QakBot C2 📊 500+ IOCs | 1,592 CISA KEVs tracked #ThreatIntel #Cybersecurit
@404LABSx
17 May 2026
122 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits https://t.co/upQoopAITC
@PVynckier
17 May 2026
94 Impressions
3 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Intel Report [CRITICAL] - Cisco Talos has disclosed the active exploitation of CVE-2026-20182, a maximum-severity (CVSS 10.0) authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, attributed with high confidence to a... https://t.co/zzXcDcSpev
@EnigmaGlobalSW
17 May 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-20182、認証バイパスで管理者権限を奪取。 Cisco SD-WAN Controllerに緊急パッチ。 ↓詳細はリプライで #脆弱性 https://t.co/UCqs1Wvn8X
@motch_dev
17 May 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2026-20182: CVSS 10.0 Cisco SD-WAN Auth Bypass — Patch Before May 17 https://t.co/R0DGHRoNWR
@Noskinnyjean
16 May 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Catalyst SD-WAN CVE-2026-20182: Critical Auth Bypass https://t.co/nPkM1b8osh #Cybertrending #Cybernewsdaily #Cybersecurity
@CyberInsights1
16 May 2026
3 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA adds critical Cisco SD-WAN vulnerability CVE-2026-20182 to KEV catalog. Agencies must remediate by May 17, 2026. Link: https://t.co/E5BCAkzOrh #Cybersecurity #Cisco #SDWAN #Vulnerability #CISA #KEV #Exploit #Remediation #Agencies #Security #Networking #Routers #Patch #Threat
@dailytechonx
16 May 2026
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-44581 2 - CVE-2026-45185 3 - CVE-2026-44578 4 - CVE-2026-20182 5 - CVE-2026-42945 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
16 May 2026
144 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2026-20182: Active Auth Bypass in Cisco Catalyst SD-WAN Controller Enables Admin Takeover https://t.co/f9wo0r8ogn
@BinaryPh
16 May 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco SD-WAN CVE-2026-20182 (CVSS 10) added to CISA KEV—patch by May 17. WP Burst Statistics CVE-2026-8181 mass-exploited. TeamPCP selling 5GB Mistral repos after TanStack hit. Full brief: https://t.co/pMXSVJmVWs #Daily #ThreatIntel #InfoSec
@ORIntelligence
15 May 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED) https://t.co/a3197HewW5 Rapid7 Labs has uncovered a critical authentication bypass vulnerability, CVE-2026-20182, affecting Cisco Catalyst SD-WAN Controller (formerly vSmart). This vulne
@f1tym1
15 May 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Heads up: CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits Critical CVE / Exploit: The U.S.Cybersecurity and Infrastructure Sec... https://t.co/bpSlI8McRv #CVE #CyberSecurity #Privacy #SecurityAlert
@MyDooM15
15 May 2026
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New critical flaws: Exchange zero-day (CVE-2026-42897) actively exploited, Windows DNS Client RCE (CVE-2026-41096), & Cisco SD-WAN auth bypass (CVE-2026-20182). These threaten data privacy/integrity in transit. Patch NOW! #Cybersecurity #ZeroDay #News
@YourAnon_irc
15 May 2026
84 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-20182: Cisco Catalyst SD-WAN Auth Bypass Added to CISA KEV https://t.co/5UAMeJnvzF CVE-2026-20182: Cisco Catalyst SD-WAN Auth Bypass Added to CISA KEV Cisco has disclosed CVE-2026-20182, a critical authentication bypass affecting Cisco Catalyst SD-WAN Controller (for
@f1tym1
15 May 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-20182: Critical Authentication Bypass in Cisco SD-WAN Can Grant Admin Access https://t.co/JThWwz14iW A vulnerability affecting Cisco Catalyst SD-WAN Controller has drawn urgent attention after Cisco, Rapid7, and CISA confirmed active exploitation. CVE-2026-20182 is a
@f1tym1
15 May 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) https://t.co/lDhaaziYFP Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cybe
@f1tym1
15 May 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2026-20182: Critical Cisco SD-WAN authentication bypass added to CISA KEV after active exploitation. ✅ Action: Upgrade affected Cisco SD-WAN Controller/Manager now. https://t.co/yTnpvNTMRs #Cisco #SDWAN #CVE #CISAKEV #Vulert
@vulert_official
15 May 2026
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182): Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated… https://t.co/WuwLclfs6f
@shah_sheikh
15 May 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-20182: Cisco Catalyst SD-WAN Auth Bypass Added to CISA KEV https://t.co/BuoH94uhpM CVE-2026-20182: Cisco Catalyst SD-WAN Auth Bypass Added to CISA KEV Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code:
@f1tym1
15 May 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Cisco SD-WAN zero-day exploited: CVE-2026-20182 is CVSS 10 auth bypass with admin impact. 🔴 Exchange exploited in wild: CVE-2026-42897 hits on-prem OWA. Verify mitigations. https://t.co/pBWq66uIkZ
@solomonneas
15 May 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2026-20182 on CISA KEV Cisco SD-WAN auth bypass = instant admin access. Zero auth required. Actively exploited. If you're running this and haven't patched, you're already pwned. How many still think "it won't happen to us"? #infosec #CVE
@OrizonCyber
15 May 2026
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Threat Intel May 15: Cisco SD-WAN CVE-2026-20182 (patch by May 17!), PAN-OS RCE CVE-2026-0300, Linux PrivEsc CVE-2026-31431 due TODAY. Active: ClearFake, NWHStealer, QakBot C2. Canvas breach: 275M+ records. Stay patched! #CyberSecurity #ThreatIntel https://t.co/N3f33pwJSS
@404LABSx
15 May 2026
61 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CC-4784 - Exploitation of Zero-Day Vulnerability in Cisco Catalyst SD-WAN https://t.co/f46EWojau5 Severity: High CVE-2026-20182 could allow an unauthenticated attacker to bypass authentication and gain administrative privileges CVE-2026-20182 could allow an unauthenticated
@f1tym1
15 May 2026
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5021D679-E23A-4D7F-B3B6-D664634A639C",
"versionEndExcluding": "20.9.9.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26022018-2273-4589-BE4F-AD92DA31CB58",
"versionEndExcluding": "20.12.5.4",
"versionStartIncluding": "20.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA5CA36-86B6-443D-B772-37A5901F3E83",
"versionEndExcluding": "20.12.6.2",
"versionStartIncluding": "20.12.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32A83687-B363-476B-89EF-B35C82575237",
"versionEndExcluding": "20.15.4.4",
"versionStartIncluding": "20.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "709D0805-4B76-46A0-82D3-93C89926B389",
"versionEndExcluding": "20.15.5.2",
"versionStartIncluding": "20.15.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6A9216-3D47-4B33-B502-72B99859992E",
"versionEndExcluding": "20.18.2.2",
"versionStartIncluding": "20.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C34C0AB2-3E8E-4B12-BEA2-446F8F248B9A",
"versionEndExcluding": "26.1.1.1",
"versionStartIncluding": "26.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6A03BCEF-DC25-488D-91D3-0A16F3B872E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0824EC8B-3153-4298-8570-C115A95FCCF1",
"versionEndExcluding": "20.9.9.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86D90EAF-0EB3-4412-8D15-14F5151E36FA",
"versionEndExcluding": "20.12.5.4",
"versionStartIncluding": "20.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA36394-30A2-4668-AF03-1C596D8AC2E0",
"versionEndExcluding": "20.12.6.2",
"versionStartIncluding": "20.12.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEC9B48C-3149-4662-9DD4-DC4ACE4460E3",
"versionEndExcluding": "20.15.4.4",
"versionStartIncluding": "20.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E964DF6-E2FB-4305-9AD6-42904FC4FE9A",
"versionEndExcluding": "20.15.5.2",
"versionStartIncluding": "20.15.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D40D018-E4EB-4CC8-A2B0-F8E1DA2E3350",
"versionEndExcluding": "20.18.2.2",
"versionStartIncluding": "20.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "788140A2-0378-487E-9C9A-84080C9BC7A5",
"versionEndExcluding": "26.1.1.1",
"versionStartIncluding": "26.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4FFF4B-5C26-4014-A9B2-EE342F3FE3C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]