VDB

CISCO-SA-VMANAGE-XSS-XHN8M5JT

CISCO-SA-VMANAGE-XSS-XHN8M5JT PUBLISHED CVSS 5.400000095367432 MEDIUM

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a stored cross-site scripting attack (XSS) on an affected system. This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Risk Scores

CVSS 3.1
5.400000095367432
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
Cisco Catalyst SD-WAN Manager

Timeline

  • May 7, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›