CVE-2026-20127 (GCVE-0-2026-20127)
Vulnerability from cvelistv5
Published
2026-02-25 16:14
Modified
2026-02-26 14:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Catalyst SD-WAN Manager |
Version: 20.1.12 Version: 19.2.1 Version: 18.4.4 Version: 18.4.5 Version: 20.1.1.1 Version: 20.1.1 Version: 19.3.0 Version: 19.2.2 Version: 19.2.099 Version: 18.3.6 Version: 18.3.7 Version: 19.2.0 Version: 18.3.8 Version: 19.0.0 Version: 19.1.0 Version: 18.4.302 Version: 18.4.303 Version: 19.2.097 Version: 19.2.098 Version: 17.2.10 Version: 18.3.6.1 Version: 19.0.1a Version: 18.2.0 Version: 18.4.3 Version: 18.4.1 Version: 17.2.8 Version: 18.3.3.1 Version: 18.4.0 Version: 18.3.1 Version: 17.2.6 Version: 17.2.9 Version: 18.3.4 Version: 17.2.5 Version: 18.3.1.1 Version: 18.3.5 Version: 18.4.0.1 Version: 18.3.3 Version: 17.2.7 Version: 17.2.4 Version: 18.3.0 Version: 19.2.3 Version: 18.4.501_ES Version: 20.3.1 Version: 20.1.2 Version: 19.2.929 Version: 19.2.31 Version: 20.3.2 Version: 19.2.32 Version: 20.3.2_925 Version: 20.3.2.1 Version: 20.3.2.1_927 Version: 18.4.6 Version: 20.1.2_937 Version: 20.4.1 Version: 20.3.2_928 Version: 20.3.2_929 Version: 20.4.1.0.1 Version: 20.3.2.1_930 Version: 19.2.4 Version: 20.5.0.1.1 Version: 20.4.1.1 Version: 20.3.3 Version: 19.2.4.0.1 Version: 20.3.2_937 Version: 20.3.3.1 Version: 20.5.1 Version: 20.1.3 Version: 20.3.3.0.4 Version: 20.3.3.1.2 Version: 20.3.3.1.1 Version: 20.4.1.2 Version: 20.3.3.0.2 Version: 20.4.1.1.5 Version: 20.4.1.0.01 Version: 20.4.1.0.02 Version: 20.3.3.1.7 Version: 20.3.3.1.5 Version: 20.5.1.0.1 Version: 20.3.3.1.10 Version: 20.3.3.0.8 Version: 20.4.2 Version: 20.4.2.0.1 Version: 20.3.4 Version: 20.3.3.0.14 Version: 19.2.4.0.8 Version: 19.2.4.0.9 Version: 20.3.4.0.1 Version: 20.3.2.0.5 Version: 20.6.1 Version: 20.5.1.0.2 Version: 20.3.3.0.17 Version: 20.6.1.1 Version: 20.6.0.18.3 Version: 20.3.2.0.6 Version: 20.6.0.18.4 Version: 20.4.2.0.2 Version: 20.3.3.0.16 Version: 20.3.4.0.5 Version: 20.6.1.0.1 Version: 20.3.4.0.6 Version: 20.6.2 Version: 20.7.1EFT2 Version: 20.3.4.0.9 Version: 20.3.4.0.11 Version: 20.4.2.0.4 Version: 20.3.3.0.18 Version: 20.7.1 Version: 20.6.2.1 Version: 20.3.4.1 Version: 20.5.1.1 Version: 20.4.2.1 Version: 20.4.2.1.1 Version: 20.3.4.1.1 Version: 20.3.813 Version: 20.3.4.0.19 Version: 20.4.2.2.1 Version: 20.5.1.2 Version: 20.3.4.2 Version: 20.3.814 Version: 20.4.2.2 Version: 20.6.2.2 Version: 20.3.4.2.1 Version: 20.7.1.1 Version: 20.3.4.1.2 Version: 20.6.2.2.2 Version: 20.3.4.0.20 Version: 20.6.2.2.3 Version: 20.4.2.2.2 Version: 20.3.5 Version: 20.6.2.0.4 Version: 20.4.2.2.3 Version: 20.3.4.0.24 Version: 20.6.2.2.7 Version: 20.6.3 Version: 20.3.4.2.2 Version: 20.4.2.2.4 Version: 20.7.1.0.2 Version: 20.8.1 Version: 20.3.5.0.8 Version: 20.3.5.0.9 Version: 20.4.2.2.8 Version: 20.3.5.0.7 Version: 20.6.3.0.7 Version: 20.6.3.0.5 Version: 20.6.3.0.10 Version: 20.6.3.0.2 Version: 20.7.2 Version: 20.9.1EFT2 Version: 20.6.3.0.11 Version: 20.6.3.1 Version: 20.6.3.0.14 Version: 20.6.4 Version: 20.9.1 Version: 20.6.3.0.19 Version: 20.6.3.0.18 Version: 20.3.6 Version: 20.9.1.1 Version: 20.6.3.0.23 Version: 20.6.4.0.4 Version: 20.6.3.0.25 Version: 20.6.5 Version: 20.6.3.0.27 Version: 20.9.2 Version: 20.9.2.1 Version: 20.6.3.0.29 Version: 20.6.3.0.31 Version: 20.6.3.0.32 Version: 20.10.1 Version: 20.6.3.0.33 Version: 20.9.2.0.01 Version: 20.9.1_LI_Images Version: 20.10.1_LI_Images Version: 20.9.2_LI_Images Version: 20.3.7 Version: 20.9.3 Version: 20.6.5.1 Version: 20.11.1 Version: 20.11.1_LI_Images Version: 20.9.3_LI_ Images Version: 20.6.3.1.1 Version: 20.9.3.0.2 Version: 20.6.5.1.2 Version: 20.9.3.0.3 Version: 20.4.2.3 Version: 20.6.3.2 Version: 20.6.4.1 Version: 20.6.3.0.38 Version: 20.6.3.0.39 Version: 20.3.5.1 Version: 20.3.4.3 Version: 20.9.3.1 Version: 20.3.3.2 Version: 20.6.5.2 Version: 20.3.7.1 Version: 20.10.1.1 Version: 20.6.5.2.1 Version: 20.3.4.0.25 Version: 20.6.2.2.4 Version: 20.6.1.2 Version: 20.11.1.1 Version: 20.9.3.0.5 Version: 20.3.4.0.26 Version: 20.6.5.1.3 Version: 20.6.3.0.40 Version: 20.1.3.1 Version: 20.9.2.2 Version: 20.6.5.2.3 Version: 20.6.5.1.4 Version: 20.6.5.3 Version: 20.6.3.0.41 Version: 20.9.3.0.7 Version: 20.6.5.1.5 Version: 20.9.3.0.4 Version: 20.6.4.0.19 Version: 20.6.5.1.6 Version: 20.9.3.0.8 Version: 20.6.3.3 Version: 20.3.7.2 Version: 20.6.5.4 Version: 20.6.5.1.7 Version: 20.9.3.0.12 Version: 20.6.4.2 Version: 20.6.5.5 Version: 20.9.3.2 Version: 20.11.1.2 Version: 20.6.3.4 Version: 20.10.1.2 Version: 20.6.5.1.9 Version: 20.9.3.0.16 Version: 20.6.3.0.45 Version: 20.6.5.1.10 Version: 20.9.3.0.17 Version: 20.6.5.2.4 Version: 20.6.4.0.21 Version: 20.9.3.0.18 Version: 20.6.3.0.46 Version: 20.6.3.0.47 Version: 20.9.2.3 Version: 20.9.3.2_LI_Images Version: 20.9.3.0.21 Version: 20.9.3.0.20 Version: 20.9.4_LI_Images Version: 20.9.4 Version: 20.6.5.1.11 Version: 20.12.1 Version: 20.12.1_LI_Images Version: 20.6.5.1.13 Version: 20.9.3.0.23 Version: 20.6.5.2.8 Version: 20.9.4.1 Version: 20.9.4.1_LI_Images Version: 20.9.3.0.25 Version: 20.9.3.0.24 Version: 20.6.5.1.14 Version: 20.3.8 Version: 20.6.6 Version: 20.9.3.0.26 Version: 20.6.3.0.51 Version: 20.9.3.0.29 Version: 20.12.2 Version: 20.12.2_LI_Images Version: 20.6.6.0.1 Version: 20.13.1_LI_Images Version: 20.9.4.0.4 Version: 20.13.1 Version: 20.9.4.1.1 Version: 20.9.5 Version: 20.9.5_LI_Images Version: 20.12.3_LI_Images Version: 20.12.3 Version: 20.9.4.1.3 Version: 20.6.7 Version: 20.9.5.1 Version: 20.9.5.1_LI_Images Version: 20.9.4.1.6 Version: 20.14.1 Version: 20.14.1_LI_Images Version: 20.9.5.2 Version: 20.9.5.2.1 Version: 20.9.5.2_LI_Images Version: 20.12.3.1 Version: 20.12.4 Version: 20.15.1_LI_Images Version: 20.15.1 Version: 20.9.5.1.4 Version: 20.9.5.2.7 Version: 20.9.5.2.13 Version: 20.9.6 Version: 20.9.6_LI_Images Version: 20.9.5.2.14 Version: 20.6.8 Version: 20.12.4.0.03 Version: 20.16.1 Version: 20.16.1_LI_Images Version: 20.12.4_LI_Images Version: 20.9.5.2.16 Version: 20.12.4.0.4 Version: 20.12.401 Version: 20.9.5.3 Version: 20.9.5.3_LI_Images Version: 20.12.4.1_LI_Images Version: 20.12.4.1 Version: 20.9.5.2.21 Version: 20.9.6.0.3 Version: 20.12.4.0.6 Version: 20.15.2_LI_Images Version: 20.15.2 Version: 20.12.4_Monthly_ES5 Version: 20.12.5 Version: 20.12.5_LI_Images Version: 20.9.7_LI _Images Version: 20.9.7 Version: 20.15.3 Version: 20.15.3_ LI _Images Version: 20.12.501 Version: 20.12.5.1_LI_Images Version: 20.12.5.1 Version: 20.12.5.2_LI_Images Version: 20.12.5.2 Version: 20.15.3.1 Version: 20.15.4_LI_Images Version: 20.15.4 Version: 20.9.7.1_LI _Images Version: 20.9.7.1 Version: 20.18.1 Version: 20.18.1_LI_Images Version: 20.12.6_LI_Images Version: 20.12.6 Version: 20.12.5.1.01 Version: 20.9.8 Version: 20.9.8_LI_Images Version: 20.18.2 Version: 20.15.4.1_LI_Images Version: 20.15.4.1 Version: 20.18.2_LI_Images |
CISA Known Exploited Vulnerability
Data from the CISA Known Exploited Vulnerabilities Catalog
Date added: 2026-02-25
Due date: 2026-02-27
Required action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Used in ransomware: Unknown
Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk ; https://nvd.nist.gov/vuln/detail/CVE-2026-20127
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20127",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T04:55:54.782171Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-02-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20127"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:06.050Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20127"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Catalyst SD-WAN Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "20.1.1.1"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "19.0.0"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "18.3.6.1"
},
{
"status": "affected",
"version": "19.0.1a"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "18.3.3.1"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.3.1.1"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "18.4.0.1"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "18.4.501_ES"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "19.2.32"
},
{
"status": "affected",
"version": "20.3.2_925"
},
{
"status": "affected",
"version": "20.3.2.1"
},
{
"status": "affected",
"version": "20.3.2.1_927"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "20.1.2_937"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "20.3.2_928"
},
{
"status": "affected",
"version": "20.3.2_929"
},
{
"status": "affected",
"version": "20.4.1.0.1"
},
{
"status": "affected",
"version": "20.3.2.1_930"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.5.0.1.1"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "19.2.4.0.1"
},
{
"status": "affected",
"version": "20.3.2_937"
},
{
"status": "affected",
"version": "20.3.3.1"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "20.3.3.0.4"
},
{
"status": "affected",
"version": "20.3.3.1.2"
},
{
"status": "affected",
"version": "20.3.3.1.1"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.3.3.0.2"
},
{
"status": "affected",
"version": "20.4.1.1.5"
},
{
"status": "affected",
"version": "20.4.1.0.01"
},
{
"status": "affected",
"version": "20.4.1.0.02"
},
{
"status": "affected",
"version": "20.3.3.1.7"
},
{
"status": "affected",
"version": "20.3.3.1.5"
},
{
"status": "affected",
"version": "20.5.1.0.1"
},
{
"status": "affected",
"version": "20.3.3.1.10"
},
{
"status": "affected",
"version": "20.3.3.0.8"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.4.2.0.1"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.3.3.0.14"
},
{
"status": "affected",
"version": "19.2.4.0.8"
},
{
"status": "affected",
"version": "19.2.4.0.9"
},
{
"status": "affected",
"version": "20.3.4.0.1"
},
{
"status": "affected",
"version": "20.3.2.0.5"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.5.1.0.2"
},
{
"status": "affected",
"version": "20.3.3.0.17"
},
{
"status": "affected",
"version": "20.6.1.1"
},
{
"status": "affected",
"version": "20.6.0.18.3"
},
{
"status": "affected",
"version": "20.3.2.0.6"
},
{
"status": "affected",
"version": "20.6.0.18.4"
},
{
"status": "affected",
"version": "20.4.2.0.2"
},
{
"status": "affected",
"version": "20.3.3.0.16"
},
{
"status": "affected",
"version": "20.3.4.0.5"
},
{
"status": "affected",
"version": "20.6.1.0.1"
},
{
"status": "affected",
"version": "20.3.4.0.6"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.7.1EFT2"
},
{
"status": "affected",
"version": "20.3.4.0.9"
},
{
"status": "affected",
"version": "20.3.4.0.11"
},
{
"status": "affected",
"version": "20.4.2.0.4"
},
{
"status": "affected",
"version": "20.3.3.0.18"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.6.2.1"
},
{
"status": "affected",
"version": "20.3.4.1"
},
{
"status": "affected",
"version": "20.5.1.1"
},
{
"status": "affected",
"version": "20.4.2.1"
},
{
"status": "affected",
"version": "20.4.2.1.1"
},
{
"status": "affected",
"version": "20.3.4.1.1"
},
{
"status": "affected",
"version": "20.3.813"
},
{
"status": "affected",
"version": "20.3.4.0.19"
},
{
"status": "affected",
"version": "20.4.2.2.1"
},
{
"status": "affected",
"version": "20.5.1.2"
},
{
"status": "affected",
"version": "20.3.4.2"
},
{
"status": "affected",
"version": "20.3.814"
},
{
"status": "affected",
"version": "20.4.2.2"
},
{
"status": "affected",
"version": "20.6.2.2"
},
{
"status": "affected",
"version": "20.3.4.2.1"
},
{
"status": "affected",
"version": "20.7.1.1"
},
{
"status": "affected",
"version": "20.3.4.1.2"
},
{
"status": "affected",
"version": "20.6.2.2.2"
},
{
"status": "affected",
"version": "20.3.4.0.20"
},
{
"status": "affected",
"version": "20.6.2.2.3"
},
{
"status": "affected",
"version": "20.4.2.2.2"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.6.2.0.4"
},
{
"status": "affected",
"version": "20.4.2.2.3"
},
{
"status": "affected",
"version": "20.3.4.0.24"
},
{
"status": "affected",
"version": "20.6.2.2.7"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.3.4.2.2"
},
{
"status": "affected",
"version": "20.4.2.2.4"
},
{
"status": "affected",
"version": "20.7.1.0.2"
},
{
"status": "affected",
"version": "20.8.1"
},
{
"status": "affected",
"version": "20.3.5.0.8"
},
{
"status": "affected",
"version": "20.3.5.0.9"
},
{
"status": "affected",
"version": "20.4.2.2.8"
},
{
"status": "affected",
"version": "20.3.5.0.7"
},
{
"status": "affected",
"version": "20.6.3.0.7"
},
{
"status": "affected",
"version": "20.6.3.0.5"
},
{
"status": "affected",
"version": "20.6.3.0.10"
},
{
"status": "affected",
"version": "20.6.3.0.2"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.9.1EFT2"
},
{
"status": "affected",
"version": "20.6.3.0.11"
},
{
"status": "affected",
"version": "20.6.3.1"
},
{
"status": "affected",
"version": "20.6.3.0.14"
},
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.9.1"
},
{
"status": "affected",
"version": "20.6.3.0.19"
},
{
"status": "affected",
"version": "20.6.3.0.18"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.9.1.1"
},
{
"status": "affected",
"version": "20.6.3.0.23"
},
{
"status": "affected",
"version": "20.6.4.0.4"
},
{
"status": "affected",
"version": "20.6.3.0.25"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.6.3.0.27"
},
{
"status": "affected",
"version": "20.9.2"
},
{
"status": "affected",
"version": "20.9.2.1"
},
{
"status": "affected",
"version": "20.6.3.0.29"
},
{
"status": "affected",
"version": "20.6.3.0.31"
},
{
"status": "affected",
"version": "20.6.3.0.32"
},
{
"status": "affected",
"version": "20.10.1"
},
{
"status": "affected",
"version": "20.6.3.0.33"
},
{
"status": "affected",
"version": "20.9.2.0.01"
},
{
"status": "affected",
"version": "20.9.1_LI_Images"
},
{
"status": "affected",
"version": "20.10.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.2_LI_Images"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.9.3"
},
{
"status": "affected",
"version": "20.6.5.1"
},
{
"status": "affected",
"version": "20.11.1"
},
{
"status": "affected",
"version": "20.11.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.3_LI_ Images"
},
{
"status": "affected",
"version": "20.6.3.1.1"
},
{
"status": "affected",
"version": "20.9.3.0.2"
},
{
"status": "affected",
"version": "20.6.5.1.2"
},
{
"status": "affected",
"version": "20.9.3.0.3"
},
{
"status": "affected",
"version": "20.4.2.3"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.6.3.0.38"
},
{
"status": "affected",
"version": "20.6.3.0.39"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.9.3.1"
},
{
"status": "affected",
"version": "20.3.3.2"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.10.1.1"
},
{
"status": "affected",
"version": "20.6.5.2.1"
},
{
"status": "affected",
"version": "20.3.4.0.25"
},
{
"status": "affected",
"version": "20.6.2.2.4"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.11.1.1"
},
{
"status": "affected",
"version": "20.9.3.0.5"
},
{
"status": "affected",
"version": "20.3.4.0.26"
},
{
"status": "affected",
"version": "20.6.5.1.3"
},
{
"status": "affected",
"version": "20.6.3.0.40"
},
{
"status": "affected",
"version": "20.1.3.1"
},
{
"status": "affected",
"version": "20.9.2.2"
},
{
"status": "affected",
"version": "20.6.5.2.3"
},
{
"status": "affected",
"version": "20.6.5.1.4"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.3.0.41"
},
{
"status": "affected",
"version": "20.9.3.0.7"
},
{
"status": "affected",
"version": "20.6.5.1.5"
},
{
"status": "affected",
"version": "20.9.3.0.4"
},
{
"status": "affected",
"version": "20.6.4.0.19"
},
{
"status": "affected",
"version": "20.6.5.1.6"
},
{
"status": "affected",
"version": "20.9.3.0.8"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.6.5.1.7"
},
{
"status": "affected",
"version": "20.9.3.0.12"
},
{
"status": "affected",
"version": "20.6.4.2"
},
{
"status": "affected",
"version": "20.6.5.5"
},
{
"status": "affected",
"version": "20.9.3.2"
},
{
"status": "affected",
"version": "20.11.1.2"
},
{
"status": "affected",
"version": "20.6.3.4"
},
{
"status": "affected",
"version": "20.10.1.2"
},
{
"status": "affected",
"version": "20.6.5.1.9"
},
{
"status": "affected",
"version": "20.9.3.0.16"
},
{
"status": "affected",
"version": "20.6.3.0.45"
},
{
"status": "affected",
"version": "20.6.5.1.10"
},
{
"status": "affected",
"version": "20.9.3.0.17"
},
{
"status": "affected",
"version": "20.6.5.2.4"
},
{
"status": "affected",
"version": "20.6.4.0.21"
},
{
"status": "affected",
"version": "20.9.3.0.18"
},
{
"status": "affected",
"version": "20.6.3.0.46"
},
{
"status": "affected",
"version": "20.6.3.0.47"
},
{
"status": "affected",
"version": "20.9.2.3"
},
{
"status": "affected",
"version": "20.9.3.2_LI_Images"
},
{
"status": "affected",
"version": "20.9.3.0.21"
},
{
"status": "affected",
"version": "20.9.3.0.20"
},
{
"status": "affected",
"version": "20.9.4_LI_Images"
},
{
"status": "affected",
"version": "20.9.4"
},
{
"status": "affected",
"version": "20.6.5.1.11"
},
{
"status": "affected",
"version": "20.12.1"
},
{
"status": "affected",
"version": "20.12.1_LI_Images"
},
{
"status": "affected",
"version": "20.6.5.1.13"
},
{
"status": "affected",
"version": "20.9.3.0.23"
},
{
"status": "affected",
"version": "20.6.5.2.8"
},
{
"status": "affected",
"version": "20.9.4.1"
},
{
"status": "affected",
"version": "20.9.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.3.0.25"
},
{
"status": "affected",
"version": "20.9.3.0.24"
},
{
"status": "affected",
"version": "20.6.5.1.14"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.9.3.0.26"
},
{
"status": "affected",
"version": "20.6.3.0.51"
},
{
"status": "affected",
"version": "20.9.3.0.29"
},
{
"status": "affected",
"version": "20.12.2"
},
{
"status": "affected",
"version": "20.12.2_LI_Images"
},
{
"status": "affected",
"version": "20.6.6.0.1"
},
{
"status": "affected",
"version": "20.13.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.4.0.4"
},
{
"status": "affected",
"version": "20.13.1"
},
{
"status": "affected",
"version": "20.9.4.1.1"
},
{
"status": "affected",
"version": "20.9.5"
},
{
"status": "affected",
"version": "20.9.5_LI_Images"
},
{
"status": "affected",
"version": "20.12.3_LI_Images"
},
{
"status": "affected",
"version": "20.12.3"
},
{
"status": "affected",
"version": "20.9.4.1.3"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.9.5.1"
},
{
"status": "affected",
"version": "20.9.5.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.4.1.6"
},
{
"status": "affected",
"version": "20.14.1"
},
{
"status": "affected",
"version": "20.14.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2"
},
{
"status": "affected",
"version": "20.9.5.2.1"
},
{
"status": "affected",
"version": "20.9.5.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.3.1"
},
{
"status": "affected",
"version": "20.12.4"
},
{
"status": "affected",
"version": "20.15.1_LI_Images"
},
{
"status": "affected",
"version": "20.15.1"
},
{
"status": "affected",
"version": "20.9.5.1.4"
},
{
"status": "affected",
"version": "20.9.5.2.7"
},
{
"status": "affected",
"version": "20.9.5.2.13"
},
{
"status": "affected",
"version": "20.9.6"
},
{
"status": "affected",
"version": "20.9.6_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2.14"
},
{
"status": "affected",
"version": "20.6.8"
},
{
"status": "affected",
"version": "20.12.4.0.03"
},
{
"status": "affected",
"version": "20.16.1"
},
{
"status": "affected",
"version": "20.16.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.4_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2.16"
},
{
"status": "affected",
"version": "20.12.4.0.4"
},
{
"status": "affected",
"version": "20.12.401"
},
{
"status": "affected",
"version": "20.9.5.3"
},
{
"status": "affected",
"version": "20.9.5.3_LI_Images"
},
{
"status": "affected",
"version": "20.12.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.4.1"
},
{
"status": "affected",
"version": "20.9.5.2.21"
},
{
"status": "affected",
"version": "20.9.6.0.3"
},
{
"status": "affected",
"version": "20.12.4.0.6"
},
{
"status": "affected",
"version": "20.15.2_LI_Images"
},
{
"status": "affected",
"version": "20.15.2"
},
{
"status": "affected",
"version": "20.12.4_Monthly_ES5"
},
{
"status": "affected",
"version": "20.12.5"
},
{
"status": "affected",
"version": "20.12.5_LI_Images"
},
{
"status": "affected",
"version": "20.9.7_LI _Images"
},
{
"status": "affected",
"version": "20.9.7"
},
{
"status": "affected",
"version": "20.15.3"
},
{
"status": "affected",
"version": "20.15.3_ LI _Images"
},
{
"status": "affected",
"version": "20.12.501"
},
{
"status": "affected",
"version": "20.12.5.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.1"
},
{
"status": "affected",
"version": "20.12.5.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.2"
},
{
"status": "affected",
"version": "20.15.3.1"
},
{
"status": "affected",
"version": "20.15.4_LI_Images"
},
{
"status": "affected",
"version": "20.15.4"
},
{
"status": "affected",
"version": "20.9.7.1_LI _Images"
},
{
"status": "affected",
"version": "20.9.7.1"
},
{
"status": "affected",
"version": "20.18.1"
},
{
"status": "affected",
"version": "20.18.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.6_LI_Images"
},
{
"status": "affected",
"version": "20.12.6"
},
{
"status": "affected",
"version": "20.12.5.1.01"
},
{
"status": "affected",
"version": "20.9.8"
},
{
"status": "affected",
"version": "20.9.8_LI_Images"
},
{
"status": "affected",
"version": "20.18.2"
},
{
"status": "affected",
"version": "20.15.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.15.4.1"
},
{
"status": "affected",
"version": "20.18.2_LI_Images"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.\r\n\r\nThis vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root\u0026nbsp;user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.\u0026nbsp;"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware of limited exploitation of this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T16:18:10.274Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sdwan-rpa-EHchtZk",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk"
}
],
"source": {
"advisory": "cisco-sa-sdwan-rpa-EHchtZk",
"defects": [
"CSCws52722"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20127",
"datePublished": "2026-02-25T16:14:20.137Z",
"dateReserved": "2025-10-08T11:59:15.379Z",
"dateUpdated": "2026-02-26T14:44:06.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2026-20127",
"cwes": "[\"CWE-287\"]",
"dateAdded": "2026-02-25",
"dueDate": "2026-02-27",
"knownRansomwareCampaignUse": "Unknown",
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk ; https://nvd.nist.gov/vuln/detail/CVE-2026-20127",
"product": "Catalyst SD-WAN Controller and Manager",
"requiredAction": "Please adhere to CISA\u2019s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA\u2019s Emergency Directive 26-03 (URL listed below in Notes) and CISA\u2019s \u201cHunt \u0026 Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"shortDescription": "Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.",
"vendorProject": "Cisco",
"vulnerabilityName": "Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20127\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-26T04:55:54.782171Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-02-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20127\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20127\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-25T17:56:39.192Z\"}}], \"cna\": {\"title\": \"Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability\", \"source\": {\"defects\": [\"CSCws52722\"], \"advisory\": \"cisco-sa-sdwan-rpa-EHchtZk\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 10, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Catalyst SD-WAN Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"20.1.12\"}, {\"status\": \"affected\", \"version\": \"19.2.1\"}, {\"status\": \"affected\", \"version\": \"18.4.4\"}, {\"status\": \"affected\", \"version\": \"18.4.5\"}, {\"status\": \"affected\", \"version\": \"20.1.1.1\"}, {\"status\": \"affected\", \"version\": \"20.1.1\"}, {\"status\": \"affected\", \"version\": \"19.3.0\"}, {\"status\": \"affected\", \"version\": \"19.2.2\"}, {\"status\": \"affected\", \"version\": \"19.2.099\"}, {\"status\": \"affected\", \"version\": \"18.3.6\"}, {\"status\": \"affected\", \"version\": \"18.3.7\"}, {\"status\": \"affected\", \"version\": \"19.2.0\"}, {\"status\": \"affected\", \"version\": \"18.3.8\"}, {\"status\": \"affected\", \"version\": \"19.0.0\"}, {\"status\": \"affected\", \"version\": \"19.1.0\"}, {\"status\": \"affected\", \"version\": \"18.4.302\"}, {\"status\": \"affected\", \"version\": \"18.4.303\"}, {\"status\": \"affected\", \"version\": \"19.2.097\"}, {\"status\": \"affected\", \"version\": \"19.2.098\"}, {\"status\": \"affected\", \"version\": \"17.2.10\"}, {\"status\": \"affected\", \"version\": \"18.3.6.1\"}, {\"status\": \"affected\", \"version\": \"19.0.1a\"}, {\"status\": \"affected\", \"version\": \"18.2.0\"}, {\"status\": \"affected\", \"version\": \"18.4.3\"}, {\"status\": \"affected\", \"version\": \"18.4.1\"}, {\"status\": \"affected\", \"version\": \"17.2.8\"}, {\"status\": \"affected\", \"version\": \"18.3.3.1\"}, {\"status\": \"affected\", \"version\": \"18.4.0\"}, {\"status\": \"affected\", \"version\": \"18.3.1\"}, {\"status\": \"affected\", \"version\": \"17.2.6\"}, {\"status\": \"affected\", \"version\": \"17.2.9\"}, {\"status\": \"affected\", \"version\": \"18.3.4\"}, {\"status\": \"affected\", \"version\": \"17.2.5\"}, {\"status\": \"affected\", \"version\": \"18.3.1.1\"}, {\"status\": \"affected\", \"version\": \"18.3.5\"}, {\"status\": \"affected\", \"version\": \"18.4.0.1\"}, {\"status\": \"affected\", \"version\": \"18.3.3\"}, {\"status\": \"affected\", \"version\": \"17.2.7\"}, {\"status\": \"affected\", \"version\": \"17.2.4\"}, {\"status\": \"affected\", \"version\": \"18.3.0\"}, {\"status\": \"affected\", \"version\": \"19.2.3\"}, {\"status\": \"affected\", \"version\": \"18.4.501_ES\"}, {\"status\": \"affected\", \"version\": \"20.3.1\"}, {\"status\": \"affected\", \"version\": \"20.1.2\"}, {\"status\": \"affected\", \"version\": \"19.2.929\"}, {\"status\": \"affected\", \"version\": \"19.2.31\"}, {\"status\": \"affected\", \"version\": \"20.3.2\"}, {\"status\": \"affected\", \"version\": \"19.2.32\"}, {\"status\": \"affected\", \"version\": \"20.3.2_925\"}, {\"status\": \"affected\", \"version\": \"20.3.2.1\"}, {\"status\": \"affected\", \"version\": \"20.3.2.1_927\"}, {\"status\": \"affected\", \"version\": \"18.4.6\"}, {\"status\": \"affected\", \"version\": \"20.1.2_937\"}, {\"status\": \"affected\", \"version\": \"20.4.1\"}, {\"status\": \"affected\", \"version\": \"20.3.2_928\"}, {\"status\": \"affected\", \"version\": \"20.3.2_929\"}, {\"status\": \"affected\", \"version\": \"20.4.1.0.1\"}, {\"status\": \"affected\", \"version\": \"20.3.2.1_930\"}, {\"status\": \"affected\", \"version\": \"19.2.4\"}, {\"status\": \"affected\", \"version\": \"20.5.0.1.1\"}, {\"status\": \"affected\", \"version\": \"20.4.1.1\"}, {\"status\": \"affected\", \"version\": \"20.3.3\"}, {\"status\": \"affected\", \"version\": \"19.2.4.0.1\"}, {\"status\": \"affected\", \"version\": \"20.3.2_937\"}, {\"status\": \"affected\", \"version\": \"20.3.3.1\"}, {\"status\": \"affected\", \"version\": \"20.5.1\"}, {\"status\": \"affected\", \"version\": \"20.1.3\"}, {\"status\": \"affected\", \"version\": \"20.3.3.0.4\"}, {\"status\": \"affected\", \"version\": \"20.3.3.1.2\"}, {\"status\": \"affected\", \"version\": \"20.3.3.1.1\"}, {\"status\": \"affected\", \"version\": \"20.4.1.2\"}, {\"status\": \"affected\", \"version\": \"20.3.3.0.2\"}, {\"status\": \"affected\", \"version\": \"20.4.1.1.5\"}, {\"status\": \"affected\", \"version\": \"20.4.1.0.01\"}, {\"status\": \"affected\", \"version\": \"20.4.1.0.02\"}, {\"status\": \"affected\", \"version\": \"20.3.3.1.7\"}, {\"status\": \"affected\", \"version\": \"20.3.3.1.5\"}, {\"status\": \"affected\", \"version\": \"20.5.1.0.1\"}, {\"status\": \"affected\", \"version\": \"20.3.3.1.10\"}, {\"status\": \"affected\", \"version\": \"20.3.3.0.8\"}, {\"status\": \"affected\", \"version\": \"20.4.2\"}, {\"status\": \"affected\", \"version\": \"20.4.2.0.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4\"}, {\"status\": \"affected\", \"version\": \"20.3.3.0.14\"}, {\"status\": \"affected\", \"version\": \"19.2.4.0.8\"}, {\"status\": \"affected\", \"version\": \"19.2.4.0.9\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.1\"}, {\"status\": \"affected\", \"version\": \"20.3.2.0.5\"}, {\"status\": \"affected\", \"version\": \"20.6.1\"}, {\"status\": \"affected\", \"version\": \"20.5.1.0.2\"}, {\"status\": \"affected\", \"version\": \"20.3.3.0.17\"}, {\"status\": \"affected\", \"version\": \"20.6.1.1\"}, {\"status\": \"affected\", \"version\": \"20.6.0.18.3\"}, {\"status\": \"affected\", \"version\": \"20.3.2.0.6\"}, {\"status\": \"affected\", \"version\": \"20.6.0.18.4\"}, {\"status\": \"affected\", \"version\": \"20.4.2.0.2\"}, {\"status\": \"affected\", \"version\": \"20.3.3.0.16\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.5\"}, {\"status\": \"affected\", \"version\": \"20.6.1.0.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.6\"}, {\"status\": \"affected\", \"version\": \"20.6.2\"}, {\"status\": \"affected\", \"version\": \"20.7.1EFT2\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.9\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.11\"}, {\"status\": \"affected\", \"version\": \"20.4.2.0.4\"}, {\"status\": \"affected\", \"version\": \"20.3.3.0.18\"}, {\"status\": \"affected\", \"version\": \"20.7.1\"}, {\"status\": \"affected\", \"version\": \"20.6.2.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4.1\"}, {\"status\": \"affected\", \"version\": \"20.5.1.1\"}, {\"status\": \"affected\", \"version\": \"20.4.2.1\"}, {\"status\": \"affected\", \"version\": \"20.4.2.1.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4.1.1\"}, {\"status\": \"affected\", \"version\": \"20.3.813\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.19\"}, {\"status\": \"affected\", \"version\": \"20.4.2.2.1\"}, {\"status\": \"affected\", \"version\": \"20.5.1.2\"}, {\"status\": \"affected\", \"version\": \"20.3.4.2\"}, {\"status\": \"affected\", \"version\": \"20.3.814\"}, {\"status\": \"affected\", \"version\": \"20.4.2.2\"}, {\"status\": \"affected\", \"version\": \"20.6.2.2\"}, {\"status\": \"affected\", \"version\": \"20.3.4.2.1\"}, {\"status\": \"affected\", \"version\": \"20.7.1.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4.1.2\"}, {\"status\": \"affected\", \"version\": \"20.6.2.2.2\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.20\"}, {\"status\": \"affected\", \"version\": \"20.6.2.2.3\"}, {\"status\": \"affected\", \"version\": \"20.4.2.2.2\"}, {\"status\": \"affected\", \"version\": \"20.3.5\"}, {\"status\": \"affected\", \"version\": \"20.6.2.0.4\"}, {\"status\": \"affected\", \"version\": \"20.4.2.2.3\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.24\"}, {\"status\": \"affected\", \"version\": \"20.6.2.2.7\"}, {\"status\": \"affected\", \"version\": \"20.6.3\"}, {\"status\": \"affected\", \"version\": \"20.3.4.2.2\"}, {\"status\": \"affected\", \"version\": \"20.4.2.2.4\"}, {\"status\": \"affected\", \"version\": \"20.7.1.0.2\"}, {\"status\": \"affected\", \"version\": \"20.8.1\"}, {\"status\": \"affected\", \"version\": \"20.3.5.0.8\"}, {\"status\": \"affected\", \"version\": \"20.3.5.0.9\"}, {\"status\": \"affected\", \"version\": \"20.4.2.2.8\"}, {\"status\": \"affected\", \"version\": \"20.3.5.0.7\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.7\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.5\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.10\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.2\"}, {\"status\": \"affected\", \"version\": \"20.7.2\"}, {\"status\": \"affected\", \"version\": \"20.9.1EFT2\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.11\"}, {\"status\": \"affected\", \"version\": \"20.6.3.1\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.14\"}, {\"status\": \"affected\", \"version\": \"20.6.4\"}, {\"status\": \"affected\", \"version\": \"20.9.1\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.19\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.18\"}, {\"status\": \"affected\", \"version\": \"20.3.6\"}, {\"status\": \"affected\", \"version\": \"20.9.1.1\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.23\"}, {\"status\": \"affected\", \"version\": \"20.6.4.0.4\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.25\"}, {\"status\": \"affected\", \"version\": \"20.6.5\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.27\"}, {\"status\": \"affected\", \"version\": \"20.9.2\"}, {\"status\": \"affected\", \"version\": \"20.9.2.1\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.29\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.31\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.32\"}, {\"status\": \"affected\", \"version\": \"20.10.1\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.33\"}, {\"status\": \"affected\", \"version\": \"20.9.2.0.01\"}, {\"status\": \"affected\", \"version\": \"20.9.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.10.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.2_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.3.7\"}, {\"status\": \"affected\", \"version\": \"20.9.3\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1\"}, {\"status\": \"affected\", \"version\": \"20.11.1\"}, {\"status\": \"affected\", \"version\": \"20.11.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.3_LI_ Images\"}, {\"status\": \"affected\", \"version\": \"20.6.3.1.1\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.2\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.2\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.3\"}, {\"status\": \"affected\", \"version\": \"20.4.2.3\"}, {\"status\": \"affected\", \"version\": \"20.6.3.2\"}, {\"status\": \"affected\", \"version\": \"20.6.4.1\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.38\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.39\"}, {\"status\": \"affected\", \"version\": \"20.3.5.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4.3\"}, {\"status\": \"affected\", \"version\": \"20.9.3.1\"}, {\"status\": \"affected\", \"version\": \"20.3.3.2\"}, {\"status\": \"affected\", \"version\": \"20.6.5.2\"}, {\"status\": \"affected\", \"version\": \"20.3.7.1\"}, {\"status\": \"affected\", \"version\": \"20.10.1.1\"}, {\"status\": \"affected\", \"version\": \"20.6.5.2.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.25\"}, {\"status\": \"affected\", \"version\": \"20.6.2.2.4\"}, {\"status\": \"affected\", \"version\": \"20.6.1.2\"}, {\"status\": \"affected\", \"version\": \"20.11.1.1\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.5\"}, {\"status\": \"affected\", \"version\": \"20.3.4.0.26\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.3\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.40\"}, {\"status\": \"affected\", \"version\": \"20.1.3.1\"}, {\"status\": \"affected\", \"version\": \"20.9.2.2\"}, {\"status\": \"affected\", \"version\": \"20.6.5.2.3\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.4\"}, {\"status\": \"affected\", \"version\": \"20.6.5.3\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.41\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.7\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.5\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.4\"}, {\"status\": \"affected\", \"version\": \"20.6.4.0.19\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.6\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.8\"}, {\"status\": \"affected\", \"version\": \"20.6.3.3\"}, {\"status\": \"affected\", \"version\": \"20.3.7.2\"}, {\"status\": \"affected\", \"version\": \"20.6.5.4\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.7\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.12\"}, {\"status\": \"affected\", \"version\": \"20.6.4.2\"}, {\"status\": \"affected\", \"version\": \"20.6.5.5\"}, {\"status\": \"affected\", \"version\": \"20.9.3.2\"}, {\"status\": \"affected\", \"version\": \"20.11.1.2\"}, {\"status\": \"affected\", \"version\": \"20.6.3.4\"}, {\"status\": \"affected\", \"version\": \"20.10.1.2\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.9\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.16\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.45\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.10\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.17\"}, {\"status\": \"affected\", \"version\": \"20.6.5.2.4\"}, {\"status\": \"affected\", \"version\": \"20.6.4.0.21\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.18\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.46\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.47\"}, {\"status\": \"affected\", \"version\": \"20.9.2.3\"}, {\"status\": \"affected\", \"version\": \"20.9.3.2_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.21\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.20\"}, {\"status\": \"affected\", \"version\": \"20.9.4_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.4\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.11\"}, {\"status\": \"affected\", \"version\": \"20.12.1\"}, {\"status\": \"affected\", \"version\": \"20.12.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.13\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.23\"}, {\"status\": \"affected\", \"version\": \"20.6.5.2.8\"}, {\"status\": \"affected\", \"version\": \"20.9.4.1\"}, {\"status\": \"affected\", \"version\": \"20.9.4.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.25\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.24\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.14\"}, {\"status\": \"affected\", \"version\": \"20.3.8\"}, {\"status\": \"affected\", \"version\": \"20.6.6\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.26\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.51\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.29\"}, {\"status\": \"affected\", \"version\": \"20.12.2\"}, {\"status\": \"affected\", \"version\": \"20.12.2_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.6.6.0.1\"}, {\"status\": \"affected\", \"version\": \"20.13.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.4.0.4\"}, {\"status\": \"affected\", \"version\": \"20.13.1\"}, {\"status\": \"affected\", \"version\": \"20.9.4.1.1\"}, {\"status\": \"affected\", \"version\": \"20.9.5\"}, {\"status\": \"affected\", \"version\": \"20.9.5_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.3_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.3\"}, {\"status\": \"affected\", \"version\": \"20.9.4.1.3\"}, {\"status\": \"affected\", \"version\": \"20.6.7\"}, {\"status\": \"affected\", \"version\": \"20.9.5.1\"}, {\"status\": \"affected\", \"version\": \"20.9.5.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.4.1.6\"}, {\"status\": \"affected\", \"version\": \"20.14.1\"}, {\"status\": \"affected\", \"version\": \"20.14.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2.1\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.3.1\"}, {\"status\": \"affected\", \"version\": \"20.12.4\"}, {\"status\": \"affected\", \"version\": \"20.15.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.15.1\"}, {\"status\": \"affected\", \"version\": \"20.9.5.1.4\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2.7\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2.13\"}, {\"status\": \"affected\", \"version\": \"20.9.6\"}, {\"status\": \"affected\", \"version\": \"20.9.6_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2.14\"}, {\"status\": \"affected\", \"version\": \"20.6.8\"}, {\"status\": \"affected\", \"version\": \"20.12.4.0.03\"}, {\"status\": \"affected\", \"version\": \"20.16.1\"}, {\"status\": \"affected\", \"version\": \"20.16.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.4_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2.16\"}, {\"status\": \"affected\", \"version\": \"20.12.4.0.4\"}, {\"status\": \"affected\", \"version\": \"20.12.401\"}, {\"status\": \"affected\", \"version\": \"20.9.5.3\"}, {\"status\": \"affected\", \"version\": \"20.9.5.3_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.4.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.4.1\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2.21\"}, {\"status\": \"affected\", \"version\": \"20.9.6.0.3\"}, {\"status\": \"affected\", \"version\": \"20.12.4.0.6\"}, {\"status\": \"affected\", \"version\": \"20.15.2_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.15.2\"}, {\"status\": \"affected\", \"version\": \"20.12.4_Monthly_ES5\"}, {\"status\": \"affected\", \"version\": \"20.12.5\"}, {\"status\": \"affected\", \"version\": \"20.12.5_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.7_LI _Images\"}, {\"status\": \"affected\", \"version\": \"20.9.7\"}, {\"status\": \"affected\", \"version\": \"20.15.3\"}, {\"status\": \"affected\", \"version\": \"20.15.3_ LI _Images\"}, {\"status\": \"affected\", \"version\": \"20.12.501\"}, {\"status\": \"affected\", \"version\": \"20.12.5.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.5.1\"}, {\"status\": \"affected\", \"version\": \"20.12.5.2_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.5.2\"}, {\"status\": \"affected\", \"version\": \"20.15.3.1\"}, {\"status\": \"affected\", \"version\": \"20.15.4_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.15.4\"}, {\"status\": \"affected\", \"version\": \"20.9.7.1_LI _Images\"}, {\"status\": \"affected\", \"version\": \"20.9.7.1\"}, {\"status\": \"affected\", \"version\": \"20.18.1\"}, {\"status\": \"affected\", \"version\": \"20.18.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.6_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.6\"}, {\"status\": \"affected\", \"version\": \"20.12.5.1.01\"}, {\"status\": \"affected\", \"version\": \"20.9.8\"}, {\"status\": \"affected\", \"version\": \"20.9.8_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.18.2\"}, {\"status\": \"affected\", \"version\": \"20.15.4.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.15.4.1\"}, {\"status\": \"affected\", \"version\": \"20.18.2_LI_Images\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is aware of limited exploitation of this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk\", \"name\": \"cisco-sa-sdwan-rpa-EHchtZk\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.\\r\\n\\r\\nThis vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root\u0026nbsp;user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.\u0026nbsp;\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-287\", \"description\": \"Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2026-02-25T16:18:10.274Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-20127\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-26T14:44:06.050Z\", \"dateReserved\": \"2025-10-08T11:59:15.379Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2026-02-25T16:14:20.137Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…