Cisco Catalyst SD-WAN Manager Certificate Validation Vulnerability
A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information.<br><br>
This vulnerability is due to improper validation of certificates that are used by the Smart Licensing feature. An attacker with a privileged network position could exploit this vulnerability by intercepting traffic that is sent over the Internet. A successful exploit could allow the attacker to gain access to sensitive information, including credentials used by the device to connect to Cisco cloud services.<br><br>
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br>
This advisory is available at the following link:<br><a href=”https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catalyst-tls-PqnD5KEJ”>https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catalyst-tls-PqnD5KEJ</a><br><br>
<br/>Security Impact Rating: Medium
<br/>CVE: CVE-2025-20157Cisco Security AdvisoryRead More