VDB

CERTFR-2026-ALE-002

CERTFR-2026-ALE-002 PUBLISHED CVSS 7.800000190734863 HIGH

Une vulnérabilité a été découverte dans Cisco Catalyst SD-WAN. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité. Cisco indique que la vulnérabilité CVE-2026-20127 est activement exploitée.

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
CiscoCisco Catalyst SD-WAN Manager20.7.1.0.2, 20.3.3.1.10, 20.3.3.0.8
CiscoCisco SD-WAN vEdge Cloud20.6.1, 18.4.3, 19.2.1
CiscoCisco Catalyst SD-WAN17.3.1ESM2, 18.3.1, 19.2.1
CiscoCisco SD-WAN vEdge Router20.6.3.2, 20.3.3, 20.4.1.1
CiscoCisco SD-WAN vContainer20.3.1, 20.1.2, 18.3.8

Timeline

  • Sep 28, 2022 CVE Published
  • Feb 25, 2026 PoC Published
  • Feb 25, 2026 PoC Published
  • Feb 25, 2026 PoC Published
  • Feb 25, 2026 PoC Published
  • Feb 25, 2026 PoC Published
  • Feb 26, 2026 PoC Published
  • Feb 26, 2026 PoC Published
  • Feb 26, 2026 PoC Published
  • Feb 26, 2026 PoC Published
  • Feb 26, 2026 PoC Published
  • Feb 26, 2026 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›