CVE-2025-20157Improper Certificate Validation in Cisco Catalyst Sd-wan Manager

CWE-295Improper Certificate Validation4 documents4 sources
Severity
5.9MEDIUMNVD
EPSS
0.1%
top 80.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Catalyst Sd-wan ManagerCisco Catalyst Sd-wan Manager
Timeline
PublishedMay 7

Description

A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper validation of certificates that are used by the Smart Licensing feature. An attacker with a privileged network position could exploit this vulnerability by intercepting traffic that is sent over the Internet. A successful exploit could allow the attacker

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

NVDcisco/catalyst_sd-wan_manager281 versions+280
CVEListV5cisco/cisco_catalyst_sd-wan_manager301 versions+300

🔴Vulnerability Details

2
CVEList
Cisco Catalyst vManage Certificate Validation Vulnerability2025-05-07
GHSA
GHSA-vq58-8wp2-wc83: A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated,2025-05-07

📋Vendor Advisories

1
Cisco
Cisco Catalyst SD-WAN Manager Certificate Validation Vulnerability2025-05-07
CVE-2025-20157 — Improper Certificate Validation | cvebase