CVE-2026-20129CRITICAL 9.8EPSS p48.9%

CVE-2026-20129CVE-2026-20129

Description

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of the netadmin role. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability. 

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.72% probability of exploitation · percentile 48.9% · 2026-06-19T12:03:05Z
Published2026-02-25
Last modified2026-03-04

Underlying weaknesses· 1

CWE-287

References

  1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

1

TypeTargetConfidenceTier
WeaknessImproper Authenticationcwe-2870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-20127
CVE
CVE-2026-20182
CVE
Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
CVE
Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
CVE
Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability
CVE
Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.