ID

VAR-202309-2742


CVE

CVE-2023-20252


DESCRIPTION

A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authentication checks for SAML APIs. An attacker could exploit this vulnerability by sending requests directly to the SAML API. A successful exploit could allow the attacker to generate an authorization token sufficient to gain access to the application

Trust: 0.99

sources: NVD: CVE-2023-20252 // VULMON: CVE-2023-20252

AFFECTED PRODUCTS

vendor:ciscomodel:catalyst sd-wan managerscope:eqversion:20.9.3.2

Trust: 1.0

vendor:ciscomodel:catalyst sd-wan managerscope:eqversion:20.11.1.2

Trust: 1.0

sources: NVD: CVE-2023-20252

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-20252
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20252
value: CRITICAL

Trust: 1.0

nvd@nist.gov: CVE-2023-20252
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

sources: NVD: CVE-2023-20252 // NVD: CVE-2023-20252

PROBLEMTYPE DATA

problemtype:CWE-862

Trust: 1.0

problemtype:CWE-287

Trust: 1.0

sources: NVD: CVE-2023-20252

EXTERNAL IDS

db:NVDid:CVE-2023-20252

Trust: 1.1

db:VULMONid:CVE-2023-20252

Trust: 0.1

sources: VULMON: CVE-2023-20252 // NVD: CVE-2023-20252

REFERENCES

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sdwan-vman-sc-lrlfu2z

Trust: 1.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-20252 // NVD: CVE-2023-20252

SOURCES

db:VULMONid:CVE-2023-20252
db:NVDid:CVE-2023-20252

LAST UPDATE DATE

2024-08-14T15:26:24.208000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-20252date:2023-09-27T00:00:00
db:NVDid:CVE-2023-20252date:2024-01-25T17:15:41.360

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-20252date:2023-09-27T00:00:00
db:NVDid:CVE-2023-20252date:2023-09-27T18:15:11.553