Common Weakness Enumeration

CWE-779

Allowed

Logging of Excessive Data

Abstraction: Base · Status: Draft

The product logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.

29 vulnerabilities reference this CWE, most recent first.

CVE-2026-28718 (GCVE-0-2026-28718)

Vulnerability from cvelistv5 – Published: 2026-03-05 23:54 – Updated: 2026-03-09 16:37
VLAI
Summary
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Acronis Acronis Cyber Protect 17 Affected: unspecified , < 41186 (semver)
Create a notification for this product.
Credits
@vultza (https://hackerone.com/vultza)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-28718",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-09T16:37:49.684340Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-09T16:37:56.483Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux",
            "Windows"
          ],
          "product": "Acronis Cyber Protect 17",
          "vendor": "Acronis",
          "versions": [
            {
              "lessThan": "41186",
              "status": "affected",
              "version": "unspecified",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "@vultza (https://hackerone.com/vultza)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "CWE-779",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-05T23:54:05.522Z",
        "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "shortName": "Acronis"
      },
      "references": [
        {
          "name": "SEC-8377",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security-advisory.acronis.com/advisories/SEC-8377"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
    "assignerShortName": "Acronis",
    "cveId": "CVE-2026-28718",
    "datePublished": "2026-03-05T23:54:05.522Z",
    "dateReserved": "2026-03-03T02:29:03.753Z",
    "dateUpdated": "2026-03-09T16:37:56.483Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-20210 (GCVE-0-2026-20210)

Vulnerability from cvelistv5 – Published: 2026-05-14 16:08 – Updated: 2026-05-15 03:56
VLAI
Title
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability
Summary
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This vulnerability exists because of a failure to redact sensitive information within device configurations and templates. An attacker could exploit this vulnerability by elevating their read-only permissions to those of a high-privileged user. A successful exploit could allow the attacker to access or modify configuration settings within Cisco Catalyst SD-WAN Manager as a high-privileged user.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-779 - Logging of Excessive Data
Assigner
Impacted products
Vendor Product Version
Cisco Cisco Catalyst SD-WAN Manager Affected: 20.1.12
Affected: 19.2.1
Affected: 18.4.4
Affected: 18.4.5
Affected: 20.1.1.1
Affected: 20.1.1
Affected: 19.3.0
Affected: 19.2.2
Affected: 19.2.099
Affected: 18.3.6
Affected: 18.3.7
Affected: 19.2.0
Affected: 18.3.8
Affected: 19.0.0
Affected: 19.1.0
Affected: 18.4.302
Affected: 18.4.303
Affected: 19.2.097
Affected: 19.2.098
Affected: 17.2.10
Affected: 18.3.6.1
Affected: 19.0.1a
Affected: 18.2.0
Affected: 18.4.3
Affected: 18.4.1
Affected: 17.2.8
Affected: 18.3.3.1
Affected: 18.4.0
Affected: 18.3.1
Affected: 17.2.6
Affected: 17.2.9
Affected: 18.3.4
Affected: 17.2.5
Affected: 18.3.1.1
Affected: 18.3.5
Affected: 18.4.0.1
Affected: 18.3.3
Affected: 17.2.7
Affected: 17.2.4
Affected: 18.3.0
Affected: 19.2.3
Affected: 18.4.501_ES
Affected: 20.3.1
Affected: 20.1.2
Affected: 19.2.929
Affected: 19.2.31
Affected: 20.3.2
Affected: 19.2.32
Affected: 20.3.2_925
Affected: 20.3.2.1
Affected: 20.3.2.1_927
Affected: 18.4.6
Affected: 20.1.2_937
Affected: 20.4.1
Affected: 20.3.2_928
Affected: 20.3.2_929
Affected: 20.4.1.0.1
Affected: 20.3.2.1_930
Affected: 19.2.4
Affected: 20.5.0.1.1
Affected: 20.4.1.1
Affected: 20.3.3
Affected: 19.2.4.0.1
Affected: 20.3.2_937
Affected: 20.3.3.1
Affected: 20.5.1
Affected: 20.1.3
Affected: 20.3.3.0.4
Affected: 20.3.3.1.2
Affected: 20.3.3.1.1
Affected: 20.4.1.2
Affected: 20.3.3.0.2
Affected: 20.4.1.1.5
Affected: 20.4.1.0.01
Affected: 20.4.1.0.02
Affected: 20.3.3.1.7
Affected: 20.3.3.1.5
Affected: 20.5.1.0.1
Affected: 20.3.3.1.10
Affected: 20.3.3.0.8
Affected: 20.4.2
Affected: 20.4.2.0.1
Affected: 20.3.4
Affected: 20.3.3.0.14
Affected: 19.2.4.0.8
Affected: 19.2.4.0.9
Affected: 20.3.4.0.1
Affected: 20.3.2.0.5
Affected: 20.6.1
Affected: 20.5.1.0.2
Affected: 20.3.3.0.17
Affected: 20.6.1.1
Affected: 20.6.0.18.3
Affected: 20.3.2.0.6
Affected: 20.6.0.18.4
Affected: 20.4.2.0.2
Affected: 20.3.3.0.16
Affected: 20.3.4.0.5
Affected: 20.6.1.0.1
Affected: 20.3.4.0.6
Affected: 20.6.2
Affected: 20.7.1EFT2
Affected: 20.3.4.0.9
Affected: 20.3.4.0.11
Affected: 20.4.2.0.4
Affected: 20.3.3.0.18
Affected: 20.7.1
Affected: 20.6.2.1
Affected: 20.3.4.1
Affected: 20.5.1.1
Affected: 20.4.2.1
Affected: 20.4.2.1.1
Affected: 20.3.4.1.1
Affected: 20.3.813
Affected: 20.3.4.0.19
Affected: 20.4.2.2.1
Affected: 20.5.1.2
Affected: 20.3.4.2
Affected: 20.3.814
Affected: 20.4.2.2
Affected: 20.6.2.2
Affected: 20.3.4.2.1
Affected: 20.7.1.1
Affected: 20.3.4.1.2
Affected: 20.6.2.2.2
Affected: 20.3.4.0.20
Affected: 20.6.2.2.3
Affected: 20.4.2.2.2
Affected: 20.3.5
Affected: 20.6.2.0.4
Affected: 20.4.2.2.3
Affected: 20.3.4.0.24
Affected: 20.6.2.2.7
Affected: 20.6.3
Affected: 20.3.4.2.2
Affected: 20.4.2.2.4
Affected: 20.7.1.0.2
Affected: 20.8.1
Affected: 20.3.5.0.8
Affected: 20.3.5.0.9
Affected: 20.4.2.2.8
Affected: 20.3.5.0.7
Affected: 20.6.3.0.7
Affected: 20.6.3.0.5
Affected: 20.6.3.0.10
Affected: 20.6.3.0.2
Affected: 20.7.2
Affected: 20.9.1EFT2
Affected: 20.6.3.0.11
Affected: 20.6.3.1
Affected: 20.6.3.0.14
Affected: 20.6.4
Affected: 20.9.1
Affected: 20.6.3.0.19
Affected: 20.6.3.0.18
Affected: 20.3.6
Affected: 20.9.1.1
Affected: 20.6.3.0.23
Affected: 20.6.4.0.4
Affected: 20.6.3.0.25
Affected: 20.6.5
Affected: 20.6.3.0.27
Affected: 20.9.2
Affected: 20.9.2.1
Affected: 20.6.3.0.29
Affected: 20.6.3.0.31
Affected: 20.6.3.0.32
Affected: 20.10.1
Affected: 20.6.3.0.33
Affected: 20.9.2.0.01
Affected: 20.9.1_LI_Images
Affected: 20.10.1_LI_Images
Affected: 20.9.2_LI_Images
Affected: 20.3.7
Affected: 20.9.3
Affected: 20.6.5.1
Affected: 20.11.1
Affected: 20.11.1_LI_Images
Affected: 20.9.3_LI_ Images
Affected: 20.6.3.1.1
Affected: 20.9.3.0.2
Affected: 20.6.5.1.2
Affected: 20.9.3.0.3
Affected: 20.4.2.3
Affected: 20.6.3.2
Affected: 20.6.4.1
Affected: 20.6.3.0.38
Affected: 20.6.3.0.39
Affected: 20.3.5.1
Affected: 20.3.4.3
Affected: 20.9.3.1
Affected: 20.3.3.2
Affected: 20.6.5.2
Affected: 20.3.7.1
Affected: 20.10.1.1
Affected: 20.6.5.2.1
Affected: 20.3.4.0.25
Affected: 20.6.2.2.4
Affected: 20.6.1.2
Affected: 20.11.1.1
Affected: 20.9.3.0.5
Affected: 20.3.4.0.26
Affected: 20.6.5.1.3
Affected: 20.6.3.0.40
Affected: 20.1.3.1
Affected: 20.9.2.2
Affected: 20.6.5.2.3
Affected: 20.6.5.1.4
Affected: 20.6.5.3
Affected: 20.6.3.0.41
Affected: 20.9.3.0.7
Affected: 20.6.5.1.5
Affected: 20.9.3.0.4
Affected: 20.6.4.0.19
Affected: 20.6.5.1.6
Affected: 20.9.3.0.8
Affected: 20.6.3.3
Affected: 20.3.7.2
Affected: 20.6.5.4
Affected: 20.6.5.1.7
Affected: 20.9.3.0.12
Affected: 20.6.4.2
Affected: 20.6.5.5
Affected: 20.9.3.2
Affected: 20.11.1.2
Affected: 20.6.3.4
Affected: 20.10.1.2
Affected: 20.6.5.1.9
Affected: 20.9.3.0.16
Affected: 20.6.3.0.45
Affected: 20.6.5.1.10
Affected: 20.9.3.0.17
Affected: 20.6.5.2.4
Affected: 20.6.4.0.21
Affected: 20.9.3.0.18
Affected: 20.6.3.0.46
Affected: 20.6.3.0.47
Affected: 20.9.2.3
Affected: 20.9.3.2_LI_Images
Affected: 20.9.3.0.21
Affected: 20.9.3.0.20
Affected: 20.9.4_LI_Images
Affected: 20.9.4
Affected: 20.6.5.1.11
Affected: 20.12.1
Affected: 20.12.1_LI_Images
Affected: 20.6.5.1.13
Affected: 20.9.3.0.23
Affected: 20.6.5.2.8
Affected: 20.9.4.1
Affected: 20.9.4.1_LI_Images
Affected: 20.9.3.0.25
Affected: 20.9.3.0.24
Affected: 20.6.5.1.14
Affected: 20.3.8
Affected: 20.6.6
Affected: 20.9.3.0.26
Affected: 20.6.3.0.51
Affected: 20.9.3.0.29
Affected: 20.12.2
Affected: 20.12.2_LI_Images
Affected: 20.6.6.0.1
Affected: 20.13.1_LI_Images
Affected: 20.9.4.0.4
Affected: 20.13.1
Affected: 20.9.4.1.1
Affected: 20.9.5
Affected: 20.9.5_LI_Images
Affected: 20.12.3_LI_Images
Affected: 20.12.3
Affected: 20.9.4.1.3
Affected: 20.6.7
Affected: 20.9.5.1
Affected: 20.9.5.1_LI_Images
Affected: 20.9.4.1.6
Affected: 20.14.1
Affected: 20.14.1_LI_Images
Affected: 20.9.5.2
Affected: 20.9.5.2.1
Affected: 20.9.5.2_LI_Images
Affected: 20.12.3.1
Affected: 20.12.4
Affected: 20.15.1_LI_Images
Affected: 20.15.1
Affected: 20.9.5.1.4
Affected: 20.9.5.2.7
Affected: 20.9.5.2.13
Affected: 20.9.6
Affected: 20.9.6_LI_Images
Affected: 20.9.5.2.14
Affected: 20.6.8
Affected: 20.12.4.0.03
Affected: 20.16.1
Affected: 20.16.1_LI_Images
Affected: 20.12.4_LI_Images
Affected: 20.9.5.2.16
Affected: 20.12.4.0.4
Affected: 20.12.401
Affected: 20.9.5.3
Affected: 20.9.5.3_LI_Images
Affected: 20.12.4.1_LI_Images
Affected: 20.12.4.1
Affected: 20.9.5.2.21
Affected: 20.9.6.0.3
Affected: 20.12.4.0.6
Affected: 20.15.2_LI_Images
Affected: 20.15.2
Affected: 20.12.4_Monthly_ES5
Affected: 20.12.5
Affected: 20.12.5_LI_Images
Affected: 20.9.7_LI _Images
Affected: 20.9.7
Affected: 20.15.3
Affected: 20.15.3_ LI _Images
Affected: 20.12.501
Affected: 20.12.5.1_LI_Images
Affected: 20.12.5.1
Affected: 20.12.5.2_LI_Images
Affected: 20.12.5.2
Affected: 20.15.3.1
Affected: 20.15.4_LI_Images
Affected: 20.15.4
Affected: 20.9.7.1_LI _Images
Affected: 20.9.7.1
Affected: 20.18.1
Affected: 20.18.1_LI_Images
Affected: 20.12.6_LI_Images
Affected: 20.12.6
Affected: 20.12.5.1.01
Affected: 26.0.1
Affected: 20.9.8
Affected: 20.9.8_LI_Images
Affected: 20.18.2
Affected: 20.15.4.1_LI_Images
Affected: 20.15.4.1
Affected: 20.18.2_LI_Images
Affected: 20.18.2.1_LI_Images
Affected: 20.18.2.1
Affected: 20.15.4.2_LI_Images
Affected: 20.15.4.2
Affected: 20.12.6.1
Affected: 20.12.6.1_LI_Images
Affected: 20.12.5.3
Affected: 20.12.5.3_LI_Images
Affected: 20.9.8.2_LI_Images
Affected: 20.9.8.2
Affected: 20.18.3
Affected: 20.18.3_LI_Images
Affected: 20.15.5
Affected: 20.15.5_LI_Images
Affected: 20.12.7
Affected: 20.12.7_LI_Images
Affected: 20.9.9
Affected: 20.9.9_LI_Images
Affected: 20.18.2.2
Affected: 20.18.2.2_LI_Images
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20210",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-14T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T03:56:12.822Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Catalyst SD-WAN Manager",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "20.1.12"
            },
            {
              "status": "affected",
              "version": "19.2.1"
            },
            {
              "status": "affected",
              "version": "18.4.4"
            },
            {
              "status": "affected",
              "version": "18.4.5"
            },
            {
              "status": "affected",
              "version": "20.1.1.1"
            },
            {
              "status": "affected",
              "version": "20.1.1"
            },
            {
              "status": "affected",
              "version": "19.3.0"
            },
            {
              "status": "affected",
              "version": "19.2.2"
            },
            {
              "status": "affected",
              "version": "19.2.099"
            },
            {
              "status": "affected",
              "version": "18.3.6"
            },
            {
              "status": "affected",
              "version": "18.3.7"
            },
            {
              "status": "affected",
              "version": "19.2.0"
            },
            {
              "status": "affected",
              "version": "18.3.8"
            },
            {
              "status": "affected",
              "version": "19.0.0"
            },
            {
              "status": "affected",
              "version": "19.1.0"
            },
            {
              "status": "affected",
              "version": "18.4.302"
            },
            {
              "status": "affected",
              "version": "18.4.303"
            },
            {
              "status": "affected",
              "version": "19.2.097"
            },
            {
              "status": "affected",
              "version": "19.2.098"
            },
            {
              "status": "affected",
              "version": "17.2.10"
            },
            {
              "status": "affected",
              "version": "18.3.6.1"
            },
            {
              "status": "affected",
              "version": "19.0.1a"
            },
            {
              "status": "affected",
              "version": "18.2.0"
            },
            {
              "status": "affected",
              "version": "18.4.3"
            },
            {
              "status": "affected",
              "version": "18.4.1"
            },
            {
              "status": "affected",
              "version": "17.2.8"
            },
            {
              "status": "affected",
              "version": "18.3.3.1"
            },
            {
              "status": "affected",
              "version": "18.4.0"
            },
            {
              "status": "affected",
              "version": "18.3.1"
            },
            {
              "status": "affected",
              "version": "17.2.6"
            },
            {
              "status": "affected",
              "version": "17.2.9"
            },
            {
              "status": "affected",
              "version": "18.3.4"
            },
            {
              "status": "affected",
              "version": "17.2.5"
            },
            {
              "status": "affected",
              "version": "18.3.1.1"
            },
            {
              "status": "affected",
              "version": "18.3.5"
            },
            {
              "status": "affected",
              "version": "18.4.0.1"
            },
            {
              "status": "affected",
              "version": "18.3.3"
            },
            {
              "status": "affected",
              "version": "17.2.7"
            },
            {
              "status": "affected",
              "version": "17.2.4"
            },
            {
              "status": "affected",
              "version": "18.3.0"
            },
            {
              "status": "affected",
              "version": "19.2.3"
            },
            {
              "status": "affected",
              "version": "18.4.501_ES"
            },
            {
              "status": "affected",
              "version": "20.3.1"
            },
            {
              "status": "affected",
              "version": "20.1.2"
            },
            {
              "status": "affected",
              "version": "19.2.929"
            },
            {
              "status": "affected",
              "version": "19.2.31"
            },
            {
              "status": "affected",
              "version": "20.3.2"
            },
            {
              "status": "affected",
              "version": "19.2.32"
            },
            {
              "status": "affected",
              "version": "20.3.2_925"
            },
            {
              "status": "affected",
              "version": "20.3.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.2.1_927"
            },
            {
              "status": "affected",
              "version": "18.4.6"
            },
            {
              "status": "affected",
              "version": "20.1.2_937"
            },
            {
              "status": "affected",
              "version": "20.4.1"
            },
            {
              "status": "affected",
              "version": "20.3.2_928"
            },
            {
              "status": "affected",
              "version": "20.3.2_929"
            },
            {
              "status": "affected",
              "version": "20.4.1.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.2.1_930"
            },
            {
              "status": "affected",
              "version": "19.2.4"
            },
            {
              "status": "affected",
              "version": "20.5.0.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.3.3"
            },
            {
              "status": "affected",
              "version": "19.2.4.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.2_937"
            },
            {
              "status": "affected",
              "version": "20.3.3.1"
            },
            {
              "status": "affected",
              "version": "20.5.1"
            },
            {
              "status": "affected",
              "version": "20.1.3"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.4"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.2"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.2"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.2"
            },
            {
              "status": "affected",
              "version": "20.4.1.1.5"
            },
            {
              "status": "affected",
              "version": "20.4.1.0.01"
            },
            {
              "status": "affected",
              "version": "20.4.1.0.02"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.7"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.5"
            },
            {
              "status": "affected",
              "version": "20.5.1.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.10"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.8"
            },
            {
              "status": "affected",
              "version": "20.4.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.4"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.14"
            },
            {
              "status": "affected",
              "version": "19.2.4.0.8"
            },
            {
              "status": "affected",
              "version": "19.2.4.0.9"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.2.0.5"
            },
            {
              "status": "affected",
              "version": "20.6.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.0.2"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.17"
            },
            {
              "status": "affected",
              "version": "20.6.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.0.18.3"
            },
            {
              "status": "affected",
              "version": "20.3.2.0.6"
            },
            {
              "status": "affected",
              "version": "20.6.0.18.4"
            },
            {
              "status": "affected",
              "version": "20.4.2.0.2"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.16"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.5"
            },
            {
              "status": "affected",
              "version": "20.6.1.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.6"
            },
            {
              "status": "affected",
              "version": "20.6.2"
            },
            {
              "status": "affected",
              "version": "20.7.1EFT2"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.9"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.11"
            },
            {
              "status": "affected",
              "version": "20.4.2.0.4"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.18"
            },
            {
              "status": "affected",
              "version": "20.7.1"
            },
            {
              "status": "affected",
              "version": "20.6.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.2.1"
            },
            {
              "status": "affected",
              "version": "20.4.2.1.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.3.813"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.19"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.2"
            },
            {
              "status": "affected",
              "version": "20.3.4.2"
            },
            {
              "status": "affected",
              "version": "20.3.814"
            },
            {
              "status": "affected",
              "version": "20.4.2.2"
            },
            {
              "status": "affected",
              "version": "20.6.2.2"
            },
            {
              "status": "affected",
              "version": "20.3.4.2.1"
            },
            {
              "status": "affected",
              "version": "20.7.1.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.1.2"
            },
            {
              "status": "affected",
              "version": "20.6.2.2.2"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.20"
            },
            {
              "status": "affected",
              "version": "20.6.2.2.3"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.2"
            },
            {
              "status": "affected",
              "version": "20.3.5"
            },
            {
              "status": "affected",
              "version": "20.6.2.0.4"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.3"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.24"
            },
            {
              "status": "affected",
              "version": "20.6.2.2.7"
            },
            {
              "status": "affected",
              "version": "20.6.3"
            },
            {
              "status": "affected",
              "version": "20.3.4.2.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.4"
            },
            {
              "status": "affected",
              "version": "20.7.1.0.2"
            },
            {
              "status": "affected",
              "version": "20.8.1"
            },
            {
              "status": "affected",
              "version": "20.3.5.0.8"
            },
            {
              "status": "affected",
              "version": "20.3.5.0.9"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.8"
            },
            {
              "status": "affected",
              "version": "20.3.5.0.7"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.7"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.5"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.10"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.2"
            },
            {
              "status": "affected",
              "version": "20.7.2"
            },
            {
              "status": "affected",
              "version": "20.9.1EFT2"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.11"
            },
            {
              "status": "affected",
              "version": "20.6.3.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.14"
            },
            {
              "status": "affected",
              "version": "20.6.4"
            },
            {
              "status": "affected",
              "version": "20.9.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.19"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.18"
            },
            {
              "status": "affected",
              "version": "20.3.6"
            },
            {
              "status": "affected",
              "version": "20.9.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.23"
            },
            {
              "status": "affected",
              "version": "20.6.4.0.4"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.25"
            },
            {
              "status": "affected",
              "version": "20.6.5"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.27"
            },
            {
              "status": "affected",
              "version": "20.9.2"
            },
            {
              "status": "affected",
              "version": "20.9.2.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.29"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.31"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.32"
            },
            {
              "status": "affected",
              "version": "20.10.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.33"
            },
            {
              "status": "affected",
              "version": "20.9.2.0.01"
            },
            {
              "status": "affected",
              "version": "20.9.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.10.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.3.7"
            },
            {
              "status": "affected",
              "version": "20.9.3"
            },
            {
              "status": "affected",
              "version": "20.6.5.1"
            },
            {
              "status": "affected",
              "version": "20.11.1"
            },
            {
              "status": "affected",
              "version": "20.11.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.3_LI_ Images"
            },
            {
              "status": "affected",
              "version": "20.6.3.1.1"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.2"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.3"
            },
            {
              "status": "affected",
              "version": "20.4.2.3"
            },
            {
              "status": "affected",
              "version": "20.6.3.2"
            },
            {
              "status": "affected",
              "version": "20.6.4.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.38"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.39"
            },
            {
              "status": "affected",
              "version": "20.3.5.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.3"
            },
            {
              "status": "affected",
              "version": "20.9.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.3.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.2"
            },
            {
              "status": "affected",
              "version": "20.3.7.1"
            },
            {
              "status": "affected",
              "version": "20.10.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.5.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.25"
            },
            {
              "status": "affected",
              "version": "20.6.2.2.4"
            },
            {
              "status": "affected",
              "version": "20.6.1.2"
            },
            {
              "status": "affected",
              "version": "20.11.1.1"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.5"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.26"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.3"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.40"
            },
            {
              "status": "affected",
              "version": "20.1.3.1"
            },
            {
              "status": "affected",
              "version": "20.9.2.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.2.3"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.4"
            },
            {
              "status": "affected",
              "version": "20.6.5.3"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.41"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.7"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.5"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.4"
            },
            {
              "status": "affected",
              "version": "20.6.4.0.19"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.6"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.8"
            },
            {
              "status": "affected",
              "version": "20.6.3.3"
            },
            {
              "status": "affected",
              "version": "20.3.7.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.4"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.7"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.12"
            },
            {
              "status": "affected",
              "version": "20.6.4.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.5"
            },
            {
              "status": "affected",
              "version": "20.9.3.2"
            },
            {
              "status": "affected",
              "version": "20.11.1.2"
            },
            {
              "status": "affected",
              "version": "20.6.3.4"
            },
            {
              "status": "affected",
              "version": "20.10.1.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.9"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.16"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.45"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.10"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.17"
            },
            {
              "status": "affected",
              "version": "20.6.5.2.4"
            },
            {
              "status": "affected",
              "version": "20.6.4.0.21"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.18"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.46"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.47"
            },
            {
              "status": "affected",
              "version": "20.9.2.3"
            },
            {
              "status": "affected",
              "version": "20.9.3.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.21"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.20"
            },
            {
              "status": "affected",
              "version": "20.9.4_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.4"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.11"
            },
            {
              "status": "affected",
              "version": "20.12.1"
            },
            {
              "status": "affected",
              "version": "20.12.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.13"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.23"
            },
            {
              "status": "affected",
              "version": "20.6.5.2.8"
            },
            {
              "status": "affected",
              "version": "20.9.4.1"
            },
            {
              "status": "affected",
              "version": "20.9.4.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.25"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.24"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.14"
            },
            {
              "status": "affected",
              "version": "20.3.8"
            },
            {
              "status": "affected",
              "version": "20.6.6"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.26"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.51"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.29"
            },
            {
              "status": "affected",
              "version": "20.12.2"
            },
            {
              "status": "affected",
              "version": "20.12.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.6.6.0.1"
            },
            {
              "status": "affected",
              "version": "20.13.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.4.0.4"
            },
            {
              "status": "affected",
              "version": "20.13.1"
            },
            {
              "status": "affected",
              "version": "20.9.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.9.5"
            },
            {
              "status": "affected",
              "version": "20.9.5_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.3_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.3"
            },
            {
              "status": "affected",
              "version": "20.9.4.1.3"
            },
            {
              "status": "affected",
              "version": "20.6.7"
            },
            {
              "status": "affected",
              "version": "20.9.5.1"
            },
            {
              "status": "affected",
              "version": "20.9.5.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.4.1.6"
            },
            {
              "status": "affected",
              "version": "20.14.1"
            },
            {
              "status": "affected",
              "version": "20.14.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.5.2"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.1"
            },
            {
              "status": "affected",
              "version": "20.9.5.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.3.1"
            },
            {
              "status": "affected",
              "version": "20.12.4"
            },
            {
              "status": "affected",
              "version": "20.15.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.1"
            },
            {
              "status": "affected",
              "version": "20.9.5.1.4"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.7"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.13"
            },
            {
              "status": "affected",
              "version": "20.9.6"
            },
            {
              "status": "affected",
              "version": "20.9.6_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.14"
            },
            {
              "status": "affected",
              "version": "20.6.8"
            },
            {
              "status": "affected",
              "version": "20.12.4.0.03"
            },
            {
              "status": "affected",
              "version": "20.16.1"
            },
            {
              "status": "affected",
              "version": "20.16.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.4_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.16"
            },
            {
              "status": "affected",
              "version": "20.12.4.0.4"
            },
            {
              "status": "affected",
              "version": "20.12.401"
            },
            {
              "status": "affected",
              "version": "20.9.5.3"
            },
            {
              "status": "affected",
              "version": "20.9.5.3_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.4.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.4.1"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.21"
            },
            {
              "status": "affected",
              "version": "20.9.6.0.3"
            },
            {
              "status": "affected",
              "version": "20.12.4.0.6"
            },
            {
              "status": "affected",
              "version": "20.15.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.2"
            },
            {
              "status": "affected",
              "version": "20.12.4_Monthly_ES5"
            },
            {
              "status": "affected",
              "version": "20.12.5"
            },
            {
              "status": "affected",
              "version": "20.12.5_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.7_LI _Images"
            },
            {
              "status": "affected",
              "version": "20.9.7"
            },
            {
              "status": "affected",
              "version": "20.15.3"
            },
            {
              "status": "affected",
              "version": "20.15.3_ LI _Images"
            },
            {
              "status": "affected",
              "version": "20.12.501"
            },
            {
              "status": "affected",
              "version": "20.12.5.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.5.1"
            },
            {
              "status": "affected",
              "version": "20.12.5.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.5.2"
            },
            {
              "status": "affected",
              "version": "20.15.3.1"
            },
            {
              "status": "affected",
              "version": "20.15.4_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.4"
            },
            {
              "status": "affected",
              "version": "20.9.7.1_LI _Images"
            },
            {
              "status": "affected",
              "version": "20.9.7.1"
            },
            {
              "status": "affected",
              "version": "20.18.1"
            },
            {
              "status": "affected",
              "version": "20.18.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.6_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.6"
            },
            {
              "status": "affected",
              "version": "20.12.5.1.01"
            },
            {
              "status": "affected",
              "version": "26.0.1"
            },
            {
              "status": "affected",
              "version": "20.9.8"
            },
            {
              "status": "affected",
              "version": "20.9.8_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.18.2"
            },
            {
              "status": "affected",
              "version": "20.15.4.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.4.1"
            },
            {
              "status": "affected",
              "version": "20.18.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.18.2.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.18.2.1"
            },
            {
              "status": "affected",
              "version": "20.15.4.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.4.2"
            },
            {
              "status": "affected",
              "version": "20.12.6.1"
            },
            {
              "status": "affected",
              "version": "20.12.6.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.5.3"
            },
            {
              "status": "affected",
              "version": "20.12.5.3_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.8.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.8.2"
            },
            {
              "status": "affected",
              "version": "20.18.3"
            },
            {
              "status": "affected",
              "version": "20.18.3_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.5"
            },
            {
              "status": "affected",
              "version": "20.15.5_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.7"
            },
            {
              "status": "affected",
              "version": "20.12.7_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.9"
            },
            {
              "status": "affected",
              "version": "20.9.9_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.18.2.2"
            },
            {
              "status": "affected",
              "version": "20.18.2.2_LI_Images"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system.\r\n\r\nThis vulnerability exists because of a failure to redact sensitive information within device configurations and templates. An attacker could exploit this vulnerability by elevating their read-only permissions to those of a high-privileged user. A successful exploit could allow the attacker to access or modify configuration settings within Cisco Catalyst SD-WAN Manager as a high-privileged user."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "Logging of Excessive Data",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-14T16:08:46.451Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-sdwan-mltvnps2-JxpWm7R",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R"
        },
        {
          "name": "Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability\u003c/a\u003e was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The \u003ca href=\"#IOC\"\u003eIndicators of Compromise",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk"
        }
      ],
      "source": {
        "advisory": "cisco-sa-sdwan-mltvnps2-JxpWm7R",
        "defects": [
          "CSCwt38767"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2026-20210",
    "datePublished": "2026-05-14T16:08:46.451Z",
    "dateReserved": "2025-10-08T11:59:15.398Z",
    "dateUpdated": "2026-05-15T03:56:12.822Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-20209 (GCVE-0-2026-20209)

Vulnerability from cvelistv5 – Published: 2026-05-14 16:08 – Updated: 2026-05-15 03:56
VLAI
Title
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability
Summary
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive session information is recorded in audit logs. An attacker could exploit this vulnerability by elevating their read-only permissions in Cisco Catalyst SD-WAN Manager to those of a high-privileged user. A successful exploit could allow the attacker to perform actions as a high-privileged user.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-779 - Logging of Excessive Data
Assigner
Impacted products
Vendor Product Version
Cisco Cisco Catalyst SD-WAN Manager Affected: 20.1.12
Affected: 19.2.1
Affected: 18.4.4
Affected: 18.4.5
Affected: 20.1.1.1
Affected: 20.1.1
Affected: 19.3.0
Affected: 19.2.2
Affected: 19.2.099
Affected: 18.3.6
Affected: 18.3.7
Affected: 19.2.0
Affected: 18.3.8
Affected: 19.0.0
Affected: 19.1.0
Affected: 18.4.302
Affected: 18.4.303
Affected: 19.2.097
Affected: 19.2.098
Affected: 17.2.10
Affected: 18.3.6.1
Affected: 19.0.1a
Affected: 18.2.0
Affected: 18.4.3
Affected: 18.4.1
Affected: 17.2.8
Affected: 18.3.3.1
Affected: 18.4.0
Affected: 18.3.1
Affected: 17.2.6
Affected: 17.2.9
Affected: 18.3.4
Affected: 17.2.5
Affected: 18.3.1.1
Affected: 18.3.5
Affected: 18.4.0.1
Affected: 18.3.3
Affected: 17.2.7
Affected: 17.2.4
Affected: 18.3.0
Affected: 19.2.3
Affected: 18.4.501_ES
Affected: 20.3.1
Affected: 20.1.2
Affected: 19.2.929
Affected: 19.2.31
Affected: 20.3.2
Affected: 19.2.32
Affected: 20.3.2_925
Affected: 20.3.2.1
Affected: 20.3.2.1_927
Affected: 18.4.6
Affected: 20.1.2_937
Affected: 20.4.1
Affected: 20.3.2_928
Affected: 20.3.2_929
Affected: 20.4.1.0.1
Affected: 20.3.2.1_930
Affected: 19.2.4
Affected: 20.5.0.1.1
Affected: 20.4.1.1
Affected: 20.3.3
Affected: 19.2.4.0.1
Affected: 20.3.2_937
Affected: 20.3.3.1
Affected: 20.5.1
Affected: 20.1.3
Affected: 20.3.3.0.4
Affected: 20.3.3.1.2
Affected: 20.3.3.1.1
Affected: 20.4.1.2
Affected: 20.3.3.0.2
Affected: 20.4.1.1.5
Affected: 20.4.1.0.01
Affected: 20.4.1.0.02
Affected: 20.3.3.1.7
Affected: 20.3.3.1.5
Affected: 20.5.1.0.1
Affected: 20.3.3.1.10
Affected: 20.3.3.0.8
Affected: 20.4.2
Affected: 20.4.2.0.1
Affected: 20.3.4
Affected: 20.3.3.0.14
Affected: 19.2.4.0.8
Affected: 19.2.4.0.9
Affected: 20.3.4.0.1
Affected: 20.3.2.0.5
Affected: 20.6.1
Affected: 20.5.1.0.2
Affected: 20.3.3.0.17
Affected: 20.6.1.1
Affected: 20.6.0.18.3
Affected: 20.3.2.0.6
Affected: 20.6.0.18.4
Affected: 20.4.2.0.2
Affected: 20.3.3.0.16
Affected: 20.3.4.0.5
Affected: 20.6.1.0.1
Affected: 20.3.4.0.6
Affected: 20.6.2
Affected: 20.7.1EFT2
Affected: 20.3.4.0.9
Affected: 20.3.4.0.11
Affected: 20.4.2.0.4
Affected: 20.3.3.0.18
Affected: 20.7.1
Affected: 20.6.2.1
Affected: 20.3.4.1
Affected: 20.5.1.1
Affected: 20.4.2.1
Affected: 20.4.2.1.1
Affected: 20.3.4.1.1
Affected: 20.3.813
Affected: 20.3.4.0.19
Affected: 20.4.2.2.1
Affected: 20.5.1.2
Affected: 20.3.4.2
Affected: 20.3.814
Affected: 20.4.2.2
Affected: 20.6.2.2
Affected: 20.3.4.2.1
Affected: 20.7.1.1
Affected: 20.3.4.1.2
Affected: 20.6.2.2.2
Affected: 20.3.4.0.20
Affected: 20.6.2.2.3
Affected: 20.4.2.2.2
Affected: 20.3.5
Affected: 20.6.2.0.4
Affected: 20.4.2.2.3
Affected: 20.3.4.0.24
Affected: 20.6.2.2.7
Affected: 20.6.3
Affected: 20.3.4.2.2
Affected: 20.4.2.2.4
Affected: 20.7.1.0.2
Affected: 20.8.1
Affected: 20.3.5.0.8
Affected: 20.3.5.0.9
Affected: 20.4.2.2.8
Affected: 20.3.5.0.7
Affected: 20.6.3.0.7
Affected: 20.6.3.0.5
Affected: 20.6.3.0.10
Affected: 20.6.3.0.2
Affected: 20.7.2
Affected: 20.9.1EFT2
Affected: 20.6.3.0.11
Affected: 20.6.3.1
Affected: 20.6.3.0.14
Affected: 20.6.4
Affected: 20.9.1
Affected: 20.6.3.0.19
Affected: 20.6.3.0.18
Affected: 20.3.6
Affected: 20.9.1.1
Affected: 20.6.3.0.23
Affected: 20.6.4.0.4
Affected: 20.6.3.0.25
Affected: 20.6.5
Affected: 20.6.3.0.27
Affected: 20.9.2
Affected: 20.9.2.1
Affected: 20.6.3.0.29
Affected: 20.6.3.0.31
Affected: 20.6.3.0.32
Affected: 20.10.1
Affected: 20.6.3.0.33
Affected: 20.9.2.0.01
Affected: 20.9.1_LI_Images
Affected: 20.10.1_LI_Images
Affected: 20.9.2_LI_Images
Affected: 20.3.7
Affected: 20.9.3
Affected: 20.6.5.1
Affected: 20.11.1
Affected: 20.11.1_LI_Images
Affected: 20.9.3_LI_ Images
Affected: 20.6.3.1.1
Affected: 20.9.3.0.2
Affected: 20.6.5.1.2
Affected: 20.9.3.0.3
Affected: 20.4.2.3
Affected: 20.6.3.2
Affected: 20.6.4.1
Affected: 20.6.3.0.38
Affected: 20.6.3.0.39
Affected: 20.3.5.1
Affected: 20.3.4.3
Affected: 20.9.3.1
Affected: 20.3.3.2
Affected: 20.6.5.2
Affected: 20.3.7.1
Affected: 20.10.1.1
Affected: 20.6.5.2.1
Affected: 20.3.4.0.25
Affected: 20.6.2.2.4
Affected: 20.6.1.2
Affected: 20.11.1.1
Affected: 20.9.3.0.5
Affected: 20.3.4.0.26
Affected: 20.6.5.1.3
Affected: 20.6.3.0.40
Affected: 20.1.3.1
Affected: 20.9.2.2
Affected: 20.6.5.2.3
Affected: 20.6.5.1.4
Affected: 20.6.5.3
Affected: 20.6.3.0.41
Affected: 20.9.3.0.7
Affected: 20.6.5.1.5
Affected: 20.9.3.0.4
Affected: 20.6.4.0.19
Affected: 20.6.5.1.6
Affected: 20.9.3.0.8
Affected: 20.6.3.3
Affected: 20.3.7.2
Affected: 20.6.5.4
Affected: 20.6.5.1.7
Affected: 20.9.3.0.12
Affected: 20.6.4.2
Affected: 20.6.5.5
Affected: 20.9.3.2
Affected: 20.11.1.2
Affected: 20.6.3.4
Affected: 20.10.1.2
Affected: 20.6.5.1.9
Affected: 20.9.3.0.16
Affected: 20.6.3.0.45
Affected: 20.6.5.1.10
Affected: 20.9.3.0.17
Affected: 20.6.5.2.4
Affected: 20.6.4.0.21
Affected: 20.9.3.0.18
Affected: 20.6.3.0.46
Affected: 20.6.3.0.47
Affected: 20.9.2.3
Affected: 20.9.3.2_LI_Images
Affected: 20.9.3.0.21
Affected: 20.9.3.0.20
Affected: 20.9.4_LI_Images
Affected: 20.9.4
Affected: 20.6.5.1.11
Affected: 20.12.1
Affected: 20.12.1_LI_Images
Affected: 20.6.5.1.13
Affected: 20.9.3.0.23
Affected: 20.6.5.2.8
Affected: 20.9.4.1
Affected: 20.9.4.1_LI_Images
Affected: 20.9.3.0.25
Affected: 20.9.3.0.24
Affected: 20.6.5.1.14
Affected: 20.3.8
Affected: 20.6.6
Affected: 20.9.3.0.26
Affected: 20.6.3.0.51
Affected: 20.9.3.0.29
Affected: 20.12.2
Affected: 20.12.2_LI_Images
Affected: 20.6.6.0.1
Affected: 20.13.1_LI_Images
Affected: 20.9.4.0.4
Affected: 20.13.1
Affected: 20.9.4.1.1
Affected: 20.9.5
Affected: 20.9.5_LI_Images
Affected: 20.12.3_LI_Images
Affected: 20.12.3
Affected: 20.9.4.1.3
Affected: 20.6.7
Affected: 20.9.5.1
Affected: 20.9.5.1_LI_Images
Affected: 20.9.4.1.6
Affected: 20.14.1
Affected: 20.14.1_LI_Images
Affected: 20.9.5.2
Affected: 20.9.5.2.1
Affected: 20.9.5.2_LI_Images
Affected: 20.12.3.1
Affected: 20.12.4
Affected: 20.15.1_LI_Images
Affected: 20.15.1
Affected: 20.9.5.1.4
Affected: 20.9.5.2.7
Affected: 20.9.5.2.13
Affected: 20.9.6
Affected: 20.9.6_LI_Images
Affected: 20.9.5.2.14
Affected: 20.6.8
Affected: 20.12.4.0.03
Affected: 20.16.1
Affected: 20.16.1_LI_Images
Affected: 20.12.4_LI_Images
Affected: 20.9.5.2.16
Affected: 20.12.4.0.4
Affected: 20.12.401
Affected: 20.9.5.3
Affected: 20.9.5.3_LI_Images
Affected: 20.12.4.1_LI_Images
Affected: 20.12.4.1
Affected: 20.9.5.2.21
Affected: 20.9.6.0.3
Affected: 20.12.4.0.6
Affected: 20.15.2_LI_Images
Affected: 20.15.2
Affected: 20.12.4_Monthly_ES5
Affected: 20.12.5
Affected: 20.12.5_LI_Images
Affected: 20.9.7_LI _Images
Affected: 20.9.7
Affected: 20.15.3
Affected: 20.15.3_ LI _Images
Affected: 20.12.501
Affected: 20.12.5.1_LI_Images
Affected: 20.12.5.1
Affected: 20.12.5.2_LI_Images
Affected: 20.12.5.2
Affected: 20.15.3.1
Affected: 20.15.4_LI_Images
Affected: 20.15.4
Affected: 20.9.7.1_LI _Images
Affected: 20.9.7.1
Affected: 20.18.1
Affected: 20.18.1_LI_Images
Affected: 20.12.6_LI_Images
Affected: 20.12.6
Affected: 20.12.5.1.01
Affected: 26.0.1
Affected: 20.9.8
Affected: 20.9.8_LI_Images
Affected: 20.18.2
Affected: 20.15.4.1_LI_Images
Affected: 20.15.4.1
Affected: 20.18.2_LI_Images
Affected: 20.18.2.1_LI_Images
Affected: 20.18.2.1
Affected: 20.15.4.2_LI_Images
Affected: 20.15.4.2
Affected: 20.12.6.1
Affected: 20.12.6.1_LI_Images
Affected: 20.12.5.3
Affected: 20.12.5.3_LI_Images
Affected: 20.9.8.2_LI_Images
Affected: 20.9.8.2
Affected: 20.18.3
Affected: 20.18.3_LI_Images
Affected: 20.15.5
Affected: 20.15.5_LI_Images
Affected: 20.12.7
Affected: 20.12.7_LI_Images
Affected: 20.9.9
Affected: 20.9.9_LI_Images
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20209",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-14T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T03:56:13.953Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Catalyst SD-WAN Manager",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "20.1.12"
            },
            {
              "status": "affected",
              "version": "19.2.1"
            },
            {
              "status": "affected",
              "version": "18.4.4"
            },
            {
              "status": "affected",
              "version": "18.4.5"
            },
            {
              "status": "affected",
              "version": "20.1.1.1"
            },
            {
              "status": "affected",
              "version": "20.1.1"
            },
            {
              "status": "affected",
              "version": "19.3.0"
            },
            {
              "status": "affected",
              "version": "19.2.2"
            },
            {
              "status": "affected",
              "version": "19.2.099"
            },
            {
              "status": "affected",
              "version": "18.3.6"
            },
            {
              "status": "affected",
              "version": "18.3.7"
            },
            {
              "status": "affected",
              "version": "19.2.0"
            },
            {
              "status": "affected",
              "version": "18.3.8"
            },
            {
              "status": "affected",
              "version": "19.0.0"
            },
            {
              "status": "affected",
              "version": "19.1.0"
            },
            {
              "status": "affected",
              "version": "18.4.302"
            },
            {
              "status": "affected",
              "version": "18.4.303"
            },
            {
              "status": "affected",
              "version": "19.2.097"
            },
            {
              "status": "affected",
              "version": "19.2.098"
            },
            {
              "status": "affected",
              "version": "17.2.10"
            },
            {
              "status": "affected",
              "version": "18.3.6.1"
            },
            {
              "status": "affected",
              "version": "19.0.1a"
            },
            {
              "status": "affected",
              "version": "18.2.0"
            },
            {
              "status": "affected",
              "version": "18.4.3"
            },
            {
              "status": "affected",
              "version": "18.4.1"
            },
            {
              "status": "affected",
              "version": "17.2.8"
            },
            {
              "status": "affected",
              "version": "18.3.3.1"
            },
            {
              "status": "affected",
              "version": "18.4.0"
            },
            {
              "status": "affected",
              "version": "18.3.1"
            },
            {
              "status": "affected",
              "version": "17.2.6"
            },
            {
              "status": "affected",
              "version": "17.2.9"
            },
            {
              "status": "affected",
              "version": "18.3.4"
            },
            {
              "status": "affected",
              "version": "17.2.5"
            },
            {
              "status": "affected",
              "version": "18.3.1.1"
            },
            {
              "status": "affected",
              "version": "18.3.5"
            },
            {
              "status": "affected",
              "version": "18.4.0.1"
            },
            {
              "status": "affected",
              "version": "18.3.3"
            },
            {
              "status": "affected",
              "version": "17.2.7"
            },
            {
              "status": "affected",
              "version": "17.2.4"
            },
            {
              "status": "affected",
              "version": "18.3.0"
            },
            {
              "status": "affected",
              "version": "19.2.3"
            },
            {
              "status": "affected",
              "version": "18.4.501_ES"
            },
            {
              "status": "affected",
              "version": "20.3.1"
            },
            {
              "status": "affected",
              "version": "20.1.2"
            },
            {
              "status": "affected",
              "version": "19.2.929"
            },
            {
              "status": "affected",
              "version": "19.2.31"
            },
            {
              "status": "affected",
              "version": "20.3.2"
            },
            {
              "status": "affected",
              "version": "19.2.32"
            },
            {
              "status": "affected",
              "version": "20.3.2_925"
            },
            {
              "status": "affected",
              "version": "20.3.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.2.1_927"
            },
            {
              "status": "affected",
              "version": "18.4.6"
            },
            {
              "status": "affected",
              "version": "20.1.2_937"
            },
            {
              "status": "affected",
              "version": "20.4.1"
            },
            {
              "status": "affected",
              "version": "20.3.2_928"
            },
            {
              "status": "affected",
              "version": "20.3.2_929"
            },
            {
              "status": "affected",
              "version": "20.4.1.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.2.1_930"
            },
            {
              "status": "affected",
              "version": "19.2.4"
            },
            {
              "status": "affected",
              "version": "20.5.0.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.3.3"
            },
            {
              "status": "affected",
              "version": "19.2.4.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.2_937"
            },
            {
              "status": "affected",
              "version": "20.3.3.1"
            },
            {
              "status": "affected",
              "version": "20.5.1"
            },
            {
              "status": "affected",
              "version": "20.1.3"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.4"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.2"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.2"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.2"
            },
            {
              "status": "affected",
              "version": "20.4.1.1.5"
            },
            {
              "status": "affected",
              "version": "20.4.1.0.01"
            },
            {
              "status": "affected",
              "version": "20.4.1.0.02"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.7"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.5"
            },
            {
              "status": "affected",
              "version": "20.5.1.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.3.1.10"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.8"
            },
            {
              "status": "affected",
              "version": "20.4.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.4"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.14"
            },
            {
              "status": "affected",
              "version": "19.2.4.0.8"
            },
            {
              "status": "affected",
              "version": "19.2.4.0.9"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.2.0.5"
            },
            {
              "status": "affected",
              "version": "20.6.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.0.2"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.17"
            },
            {
              "status": "affected",
              "version": "20.6.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.0.18.3"
            },
            {
              "status": "affected",
              "version": "20.3.2.0.6"
            },
            {
              "status": "affected",
              "version": "20.6.0.18.4"
            },
            {
              "status": "affected",
              "version": "20.4.2.0.2"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.16"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.5"
            },
            {
              "status": "affected",
              "version": "20.6.1.0.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.6"
            },
            {
              "status": "affected",
              "version": "20.6.2"
            },
            {
              "status": "affected",
              "version": "20.7.1EFT2"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.9"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.11"
            },
            {
              "status": "affected",
              "version": "20.4.2.0.4"
            },
            {
              "status": "affected",
              "version": "20.3.3.0.18"
            },
            {
              "status": "affected",
              "version": "20.7.1"
            },
            {
              "status": "affected",
              "version": "20.6.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.2.1"
            },
            {
              "status": "affected",
              "version": "20.4.2.1.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.3.813"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.19"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.2"
            },
            {
              "status": "affected",
              "version": "20.3.4.2"
            },
            {
              "status": "affected",
              "version": "20.3.814"
            },
            {
              "status": "affected",
              "version": "20.4.2.2"
            },
            {
              "status": "affected",
              "version": "20.6.2.2"
            },
            {
              "status": "affected",
              "version": "20.3.4.2.1"
            },
            {
              "status": "affected",
              "version": "20.7.1.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.1.2"
            },
            {
              "status": "affected",
              "version": "20.6.2.2.2"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.20"
            },
            {
              "status": "affected",
              "version": "20.6.2.2.3"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.2"
            },
            {
              "status": "affected",
              "version": "20.3.5"
            },
            {
              "status": "affected",
              "version": "20.6.2.0.4"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.3"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.24"
            },
            {
              "status": "affected",
              "version": "20.6.2.2.7"
            },
            {
              "status": "affected",
              "version": "20.6.3"
            },
            {
              "status": "affected",
              "version": "20.3.4.2.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.4"
            },
            {
              "status": "affected",
              "version": "20.7.1.0.2"
            },
            {
              "status": "affected",
              "version": "20.8.1"
            },
            {
              "status": "affected",
              "version": "20.3.5.0.8"
            },
            {
              "status": "affected",
              "version": "20.3.5.0.9"
            },
            {
              "status": "affected",
              "version": "20.4.2.2.8"
            },
            {
              "status": "affected",
              "version": "20.3.5.0.7"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.7"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.5"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.10"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.2"
            },
            {
              "status": "affected",
              "version": "20.7.2"
            },
            {
              "status": "affected",
              "version": "20.9.1EFT2"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.11"
            },
            {
              "status": "affected",
              "version": "20.6.3.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.14"
            },
            {
              "status": "affected",
              "version": "20.6.4"
            },
            {
              "status": "affected",
              "version": "20.9.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.19"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.18"
            },
            {
              "status": "affected",
              "version": "20.3.6"
            },
            {
              "status": "affected",
              "version": "20.9.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.23"
            },
            {
              "status": "affected",
              "version": "20.6.4.0.4"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.25"
            },
            {
              "status": "affected",
              "version": "20.6.5"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.27"
            },
            {
              "status": "affected",
              "version": "20.9.2"
            },
            {
              "status": "affected",
              "version": "20.9.2.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.29"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.31"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.32"
            },
            {
              "status": "affected",
              "version": "20.10.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.33"
            },
            {
              "status": "affected",
              "version": "20.9.2.0.01"
            },
            {
              "status": "affected",
              "version": "20.9.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.10.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.3.7"
            },
            {
              "status": "affected",
              "version": "20.9.3"
            },
            {
              "status": "affected",
              "version": "20.6.5.1"
            },
            {
              "status": "affected",
              "version": "20.11.1"
            },
            {
              "status": "affected",
              "version": "20.11.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.3_LI_ Images"
            },
            {
              "status": "affected",
              "version": "20.6.3.1.1"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.2"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.3"
            },
            {
              "status": "affected",
              "version": "20.4.2.3"
            },
            {
              "status": "affected",
              "version": "20.6.3.2"
            },
            {
              "status": "affected",
              "version": "20.6.4.1"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.38"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.39"
            },
            {
              "status": "affected",
              "version": "20.3.5.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.3"
            },
            {
              "status": "affected",
              "version": "20.9.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.3.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.2"
            },
            {
              "status": "affected",
              "version": "20.3.7.1"
            },
            {
              "status": "affected",
              "version": "20.10.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.5.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.25"
            },
            {
              "status": "affected",
              "version": "20.6.2.2.4"
            },
            {
              "status": "affected",
              "version": "20.6.1.2"
            },
            {
              "status": "affected",
              "version": "20.11.1.1"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.5"
            },
            {
              "status": "affected",
              "version": "20.3.4.0.26"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.3"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.40"
            },
            {
              "status": "affected",
              "version": "20.1.3.1"
            },
            {
              "status": "affected",
              "version": "20.9.2.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.2.3"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.4"
            },
            {
              "status": "affected",
              "version": "20.6.5.3"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.41"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.7"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.5"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.4"
            },
            {
              "status": "affected",
              "version": "20.6.4.0.19"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.6"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.8"
            },
            {
              "status": "affected",
              "version": "20.6.3.3"
            },
            {
              "status": "affected",
              "version": "20.3.7.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.4"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.7"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.12"
            },
            {
              "status": "affected",
              "version": "20.6.4.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.5"
            },
            {
              "status": "affected",
              "version": "20.9.3.2"
            },
            {
              "status": "affected",
              "version": "20.11.1.2"
            },
            {
              "status": "affected",
              "version": "20.6.3.4"
            },
            {
              "status": "affected",
              "version": "20.10.1.2"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.9"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.16"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.45"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.10"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.17"
            },
            {
              "status": "affected",
              "version": "20.6.5.2.4"
            },
            {
              "status": "affected",
              "version": "20.6.4.0.21"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.18"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.46"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.47"
            },
            {
              "status": "affected",
              "version": "20.9.2.3"
            },
            {
              "status": "affected",
              "version": "20.9.3.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.21"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.20"
            },
            {
              "status": "affected",
              "version": "20.9.4_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.4"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.11"
            },
            {
              "status": "affected",
              "version": "20.12.1"
            },
            {
              "status": "affected",
              "version": "20.12.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.13"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.23"
            },
            {
              "status": "affected",
              "version": "20.6.5.2.8"
            },
            {
              "status": "affected",
              "version": "20.9.4.1"
            },
            {
              "status": "affected",
              "version": "20.9.4.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.25"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.24"
            },
            {
              "status": "affected",
              "version": "20.6.5.1.14"
            },
            {
              "status": "affected",
              "version": "20.3.8"
            },
            {
              "status": "affected",
              "version": "20.6.6"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.26"
            },
            {
              "status": "affected",
              "version": "20.6.3.0.51"
            },
            {
              "status": "affected",
              "version": "20.9.3.0.29"
            },
            {
              "status": "affected",
              "version": "20.12.2"
            },
            {
              "status": "affected",
              "version": "20.12.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.6.6.0.1"
            },
            {
              "status": "affected",
              "version": "20.13.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.4.0.4"
            },
            {
              "status": "affected",
              "version": "20.13.1"
            },
            {
              "status": "affected",
              "version": "20.9.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.9.5"
            },
            {
              "status": "affected",
              "version": "20.9.5_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.3_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.3"
            },
            {
              "status": "affected",
              "version": "20.9.4.1.3"
            },
            {
              "status": "affected",
              "version": "20.6.7"
            },
            {
              "status": "affected",
              "version": "20.9.5.1"
            },
            {
              "status": "affected",
              "version": "20.9.5.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.4.1.6"
            },
            {
              "status": "affected",
              "version": "20.14.1"
            },
            {
              "status": "affected",
              "version": "20.14.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.5.2"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.1"
            },
            {
              "status": "affected",
              "version": "20.9.5.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.3.1"
            },
            {
              "status": "affected",
              "version": "20.12.4"
            },
            {
              "status": "affected",
              "version": "20.15.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.1"
            },
            {
              "status": "affected",
              "version": "20.9.5.1.4"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.7"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.13"
            },
            {
              "status": "affected",
              "version": "20.9.6"
            },
            {
              "status": "affected",
              "version": "20.9.6_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.14"
            },
            {
              "status": "affected",
              "version": "20.6.8"
            },
            {
              "status": "affected",
              "version": "20.12.4.0.03"
            },
            {
              "status": "affected",
              "version": "20.16.1"
            },
            {
              "status": "affected",
              "version": "20.16.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.4_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.16"
            },
            {
              "status": "affected",
              "version": "20.12.4.0.4"
            },
            {
              "status": "affected",
              "version": "20.12.401"
            },
            {
              "status": "affected",
              "version": "20.9.5.3"
            },
            {
              "status": "affected",
              "version": "20.9.5.3_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.4.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.4.1"
            },
            {
              "status": "affected",
              "version": "20.9.5.2.21"
            },
            {
              "status": "affected",
              "version": "20.9.6.0.3"
            },
            {
              "status": "affected",
              "version": "20.12.4.0.6"
            },
            {
              "status": "affected",
              "version": "20.15.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.2"
            },
            {
              "status": "affected",
              "version": "20.12.4_Monthly_ES5"
            },
            {
              "status": "affected",
              "version": "20.12.5"
            },
            {
              "status": "affected",
              "version": "20.12.5_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.7_LI _Images"
            },
            {
              "status": "affected",
              "version": "20.9.7"
            },
            {
              "status": "affected",
              "version": "20.15.3"
            },
            {
              "status": "affected",
              "version": "20.15.3_ LI _Images"
            },
            {
              "status": "affected",
              "version": "20.12.501"
            },
            {
              "status": "affected",
              "version": "20.12.5.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.5.1"
            },
            {
              "status": "affected",
              "version": "20.12.5.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.5.2"
            },
            {
              "status": "affected",
              "version": "20.15.3.1"
            },
            {
              "status": "affected",
              "version": "20.15.4_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.4"
            },
            {
              "status": "affected",
              "version": "20.9.7.1_LI _Images"
            },
            {
              "status": "affected",
              "version": "20.9.7.1"
            },
            {
              "status": "affected",
              "version": "20.18.1"
            },
            {
              "status": "affected",
              "version": "20.18.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.6_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.6"
            },
            {
              "status": "affected",
              "version": "20.12.5.1.01"
            },
            {
              "status": "affected",
              "version": "26.0.1"
            },
            {
              "status": "affected",
              "version": "20.9.8"
            },
            {
              "status": "affected",
              "version": "20.9.8_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.18.2"
            },
            {
              "status": "affected",
              "version": "20.15.4.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.4.1"
            },
            {
              "status": "affected",
              "version": "20.18.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.18.2.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.18.2.1"
            },
            {
              "status": "affected",
              "version": "20.15.4.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.4.2"
            },
            {
              "status": "affected",
              "version": "20.12.6.1"
            },
            {
              "status": "affected",
              "version": "20.12.6.1_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.5.3"
            },
            {
              "status": "affected",
              "version": "20.12.5.3_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.8.2_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.8.2"
            },
            {
              "status": "affected",
              "version": "20.18.3"
            },
            {
              "status": "affected",
              "version": "20.18.3_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.15.5"
            },
            {
              "status": "affected",
              "version": "20.15.5_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.12.7"
            },
            {
              "status": "affected",
              "version": "20.12.7_LI_Images"
            },
            {
              "status": "affected",
              "version": "20.9.9"
            },
            {
              "status": "affected",
              "version": "20.9.9_LI_Images"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user.\r\n\r\nThis vulnerability exists because sensitive session information is recorded in audit logs. An attacker could exploit this vulnerability by elevating their read-only permissions in Cisco Catalyst SD-WAN Manager to those of a high-privileged user. A successful exploit could allow the attacker to perform actions as a high-privileged user."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "Logging of Excessive Data",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-14T16:08:26.999Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-sdwan-mltvnps2-JxpWm7R",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R"
        },
        {
          "name": "Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability\u003c/a\u003e was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The \u003ca href=\"#IOC\"\u003eIndicators of Compromise",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk"
        }
      ],
      "source": {
        "advisory": "cisco-sa-sdwan-mltvnps2-JxpWm7R",
        "defects": [
          "CSCwt38739"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2026-20209",
    "datePublished": "2026-05-14T16:08:26.999Z",
    "dateReserved": "2025-10-08T11:59:15.398Z",
    "dateUpdated": "2026-05-15T03:56:13.953Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-69230 (GCVE-0-2025-69230)

Vulnerability from cvelistv5 – Published: 2026-01-05 23:47 – Updated: 2026-01-06 19:01
VLAI
Title
AIOHTTP Vulnerable to Cookie Parser Warning Storm
Summary
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs using a specially crafted Cookie header. This issue is fixed in 3.13.3.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-779 - Logging of Excessive Data
Assigner
References
Impacted products
Vendor Product Version
aio-libs aiohttp Affected: < 3.13.3
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-69230",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-06T14:24:37.620821Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-06T19:01:58.928Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "aiohttp",
          "vendor": "aio-libs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.13.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs using a specially crafted Cookie header. This issue is fixed in 3.13.3."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "CWE-779: Logging of Excessive Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T23:47:38.873Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-fh55-r93g-j68g",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-fh55-r93g-j68g"
        },
        {
          "name": "https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326"
        }
      ],
      "source": {
        "advisory": "GHSA-fh55-r93g-j68g",
        "discovery": "UNKNOWN"
      },
      "title": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-69230",
    "datePublished": "2026-01-05T23:47:38.873Z",
    "dateReserved": "2025-12-29T20:53:49.676Z",
    "dateUpdated": "2026-01-06T19:01:58.928Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-53636 (GCVE-0-2025-53636)

Vulnerability from cvelistv5 – Published: 2025-07-11 21:20 – Updated: 2025-07-14 20:13
VLAI
Title
Open OnDemand Shell App closed websocket DoS
Summary
Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service (DoS) to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
  • CWE-779 - Logging of Excessive Data
Assigner
Impacted products
Vendor Product Version
OSC ondemand Affected: >= 1.6, < 3.1.14
Affected: >= 4.0.0-0.rc1, < 4.0.6
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-53636",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-14T14:45:51.860688Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-14T20:13:13.885Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ondemand",
          "vendor": "OSC",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.6, \u003c 3.1.14"
            },
            {
              "status": "affected",
              "version": "\u003e= 4.0.0-0.rc1, \u003c 4.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service (DoS) to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "CWE-779: Logging of Excessive Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-11T21:20:14.261Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/OSC/ondemand/security/advisories/GHSA-x5xv-fw37-v524",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/OSC/ondemand/security/advisories/GHSA-x5xv-fw37-v524"
        },
        {
          "name": "https://github.com/OSC/ondemand/commit/40800d68cd019c5f1c48b2deafebba6dff4abee2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OSC/ondemand/commit/40800d68cd019c5f1c48b2deafebba6dff4abee2"
        },
        {
          "name": "https://github.com/OSC/ondemand/commit/96f29b995e1add7562516614e4dc8d961987e8b4",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OSC/ondemand/commit/96f29b995e1add7562516614e4dc8d961987e8b4"
        }
      ],
      "source": {
        "advisory": "GHSA-x5xv-fw37-v524",
        "discovery": "UNKNOWN"
      },
      "title": "Open OnDemand Shell App closed websocket DoS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-53636",
    "datePublished": "2025-07-11T21:20:14.261Z",
    "dateReserved": "2025-07-07T14:20:38.390Z",
    "dateUpdated": "2025-07-14T20:13:13.885Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-8696 (GCVE-0-2025-8696)

Vulnerability from cvelistv5 – Published: 2025-09-10 17:59 – Updated: 2025-11-04 21:15
VLAI
Title
DoS attack against the Stork UI from an unauthenticated user
Summary
If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server. This issue affects Stork versions 1.0.0 through 2.3.0.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-789 - Memory Allocation with Excessive Size Value
  • CWE-779 - Logging of Excessive Data
Assigner
isc
Impacted products
Vendor Product Version
ISC Stork Affected: 1.0.0 , ≤ 2.3.0 (custom)
Create a notification for this product.
Date Public
2025-09-10 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8696",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-11T14:26:49.356453Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-11T14:42:42.595Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:15:10.942Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/09/10/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Stork",
          "vendor": "ISC",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2025-09-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server.\nThis issue affects Stork versions 1.0.0 through 2.3.0."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "This flaw was discovered in internal testing. We are not aware of any active exploits."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Resource exhaustion. A sufficiently large input will cause Stork to allocate more memory than is available, leading to the failure of the `stork-server` process and/or other processes. Repeated smaller inputs may not exhaust memory but may fill log storage or force premature log rotation."
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-789",
              "description": "CWE-789 Memory Allocation with Excessive Size Value",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-779",
              "description": "CWE-779 Logging of Excessive Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-10T17:59:52.878Z",
        "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "shortName": "isc"
      },
      "references": [
        {
          "name": "CVE-2025-8696",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.isc.org/docs/cve-2025-8696"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to the patched release most closely related to your current version of Stork: 2.2.1 or 2.3.1."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "DoS attack against the Stork UI from an unauthenticated user",
      "workarounds": [
        {
          "lang": "en",
          "value": "Placing the Stork server behind a firewall or proxy that only allows access from trusted clients, and/or enforces input size limits, is an effective workaround."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
    "assignerShortName": "isc",
    "cveId": "CVE-2025-8696",
    "datePublished": "2025-09-10T17:59:52.878Z",
    "dateReserved": "2025-08-07T09:49:55.542Z",
    "dateUpdated": "2025-11-04T21:15:10.942Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-55628 (GCVE-0-2024-55628)

Vulnerability from cvelistv5 – Published: 2025-01-06 18:02 – Updated: 2025-01-06 19:14
VLAI
Title
Suricata oversized resource names utilizing DNS name compression can lead to resource starvation
Summary
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-405 - Asymmetric Resource Consumption (Amplification)
  • CWE-779 - Logging of Excessive Data
Assigner
Impacted products
Vendor Product Version
OISF suricata Affected: < 7.0.8
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-55628",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-06T19:14:22.117040Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-06T19:14:33.486Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "suricata",
          "vendor": "OISF",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.0.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-405",
              "description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "CWE-779: Logging of Excessive Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-06T18:02:10.692Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j"
        },
        {
          "name": "https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951"
        },
        {
          "name": "https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d"
        },
        {
          "name": "https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d"
        },
        {
          "name": "https://redmine.openinfosecfoundation.org/issues/7280",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://redmine.openinfosecfoundation.org/issues/7280"
        }
      ],
      "source": {
        "advisory": "GHSA-96w4-jqwf-qx2j",
        "discovery": "UNKNOWN"
      },
      "title": "Suricata oversized resource names utilizing DNS name compression can lead to resource starvation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-55628",
    "datePublished": "2025-01-06T18:02:10.692Z",
    "dateReserved": "2024-12-09T17:48:05.557Z",
    "dateUpdated": "2025-01-06T19:14:33.486Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36416 (GCVE-0-2024-36416)

Vulnerability from cvelistv5 – Published: 2024-06-10 20:03 – Updated: 2025-02-13 17:52
VLAI
Title
SuiteCRM v4 API Excessive log data DOS
Summary
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-779 - Logging of Excessive Data
Assigner
Impacted products
Vendor Product Version
salesagility SuiteCRM Affected: < 7.14.4
Affected: >= 8.0.0, < 8.6.1
Create a notification for this product.
salesagility suitecrm Affected: 7.0.0 , < 7.14.4 (custom)
Affected: 8.0.0 , < 8.6.1 (custom)
    cpe:2.3:a:salesagility:suitecrm:7.0.0:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:salesagility:suitecrm:7.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "suitecrm",
            "vendor": "salesagility",
            "versions": [
              {
                "lessThan": "7.14.4",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "8.6.1",
                "status": "affected",
                "version": "8.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36416",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T14:19:10.422337Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T14:22:47.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:05.170Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-jrpp-22g3-2j77",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-jrpp-22g3-2j77"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.suitecrm.com/admin/releases/7.14.x/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/kva55/CVE-2024-36416"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SuiteCRM",
          "vendor": "salesagility",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.14.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0, \u003c 8.6.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "CWE-779: Logging of Excessive Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-22T16:13:12.226Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-jrpp-22g3-2j77",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-jrpp-22g3-2j77"
        },
        {
          "url": "https://docs.suitecrm.com/admin/releases/7.14.x/"
        },
        {
          "url": "https://github.com/kva55/CVE-2024-36416"
        }
      ],
      "source": {
        "advisory": "GHSA-jrpp-22g3-2j77",
        "discovery": "UNKNOWN"
      },
      "title": "SuiteCRM v4 API Excessive log data DOS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-36416",
    "datePublished": "2024-06-10T20:03:05.369Z",
    "dateReserved": "2024-05-27T15:59:57.033Z",
    "dateUpdated": "2025-02-13T17:52:54.171Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-1141 (GCVE-0-2024-1141)

Vulnerability from cvelistv5 – Published: 2024-02-01 14:21 – Updated: 2025-11-20 18:21
VLAI
Title
Glance-store: glance store access key logged in debug log level
Summary
A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-779 - Logging of Excessive Data
Assigner
References
URL Tags
https://access.redhat.com/errata/RHSA-2024:2732 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-1141 vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2258836 issue-trackingx_refsource_REDHAT
Impacted products
Vendor Product Version
Affected: 0 , < 4.7.0 (custom)
Red Hat Red Hat OpenStack Platform 17.1 for RHEL 9 Unaffected: 0:2.5.1-17.1.20230621023901.el9ost , < * (rpm)
    cpe:/a:redhat:openstack:17.1::el9
Create a notification for this product.
Red Hat Red Hat OpenStack Platform 16.1     cpe:/a:redhat:openstack:16.1
Create a notification for this product.
Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
Create a notification for this product.
Date Public
2024-01-17 00:00
Credits
Red Hat would like to thank Lujie (ICT) for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1141",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-01T20:50:59.471008Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T18:00:46.862Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:26:30.566Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:2732",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2732"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-1141"
          },
          {
            "name": "RHBZ#2258836",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258836"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/openstack/glance_store/",
          "defaultStatus": "unaffected",
          "packageName": "glance-store",
          "versions": [
            {
              "lessThan": "4.7.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "python-glance-store",
          "product": "Red Hat OpenStack Platform 17.1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.5.1-17.1.20230621023901.el9ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.1"
          ],
          "defaultStatus": "unknown",
          "packageName": "python-glance-store",
          "product": "Red Hat OpenStack Platform 16.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "unknown",
          "packageName": "python-glance-store",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:18.0"
          ],
          "defaultStatus": "affected",
          "packageName": "python-glance-store",
          "product": "Red Hat OpenStack Platform 18.0",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Lujie (ICT) for reporting this issue."
        }
      ],
      "datePublic": "2024-01-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "Logging of Excessive Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T18:21:09.704Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:2732",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2732"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-1141"
        },
        {
          "name": "RHBZ#2258836",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258836"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-01-17T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-01-17T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Glance-store: glance store access key logged in debug log level",
      "workarounds": [
        {
          "lang": "en",
          "value": "Avoid leaving the DEBUG log level enabled in critical environments."
        }
      ],
      "x_redhatCweChain": "CWE-779: Logging of Excessive Data"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-1141",
    "datePublished": "2024-02-01T14:21:37.758Z",
    "dateReserved": "2024-02-01T00:47:57.686Z",
    "dateUpdated": "2025-11-20T18:21:09.704Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-39874 (GCVE-0-2022-39874)

Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-03 12:07
VLAI
Summary
Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
CWE
  • CWE-779 - Logging of Excessive Data
Assigner
Impacted products
Vendor Product Version
Samsung Mobile Samsung Account Affected: unspecified , < 13.5.0 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:07:42.933Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Samsung Account",
          "vendor": "Samsung Mobile",
          "versions": [
            {
              "lessThan": "13.5.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-779",
              "description": "CWE-779 Logging of Excessive Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00.000Z",
        "orgId": "3af57064-a867-422c-b2ad-40307b65c458",
        "shortName": "Samsung Mobile"
      },
      "references": [
        {
          "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=10"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
    "assignerShortName": "Samsung Mobile",
    "cveId": "CVE-2022-39874",
    "datePublished": "2022-10-07T00:00:00.000Z",
    "dateReserved": "2022-09-05T00:00:00.000Z",
    "dateUpdated": "2024-08-03T12:07:42.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design

Suppress large numbers of duplicate log messages and replace them with periodic summaries. For example, syslog may include an entry that states "last message repeated X times" when recording repeated events.

Mitigation
Architecture and Design

Support a maximum size for the log file that can be controlled by the administrator. If the maximum size is reached, the admin should be notified. Also, consider reducing functionality of the product. This may result in a denial-of-service to legitimate product users, but it will prevent the product from adversely impacting the entire system.

Mitigation
Implementation

Adjust configurations appropriately when the product is transitioned from a debug state to production.

No CAPEC attack patterns related to this CWE.