CVE-2020-3468

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates values within SQL queries. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database or the operating system.
Configurations

Configuration 1

cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*

Information

Published : 2020-07-16 06:15

Updated : 2020-07-23 05:07


NVD link : CVE-2020-3468

Mitre link : CVE-2020-3468

Products Affected
No products.
CWE