Detections
Analytics
Cisco Catalyst SD-WAN Controller Authentication Bypass (cisco-sa-sdwan-rpa2-v69WY2SW)
critical Nessus Plugin ID 314960
Synopsis
The remote device is missing a vendor-supplied security patch.Description
According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability.- A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to the affected system.
A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.
(CVE-2026-20182)
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Solution
Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwt50498.See Also
Plugin Details
Severity: Critical
ID: 314960
File Name: cisco-sa-sdwan-rpa2-v69WY2SW.nasl
Version: 1.1
Type: Local
Family: CISCO
Published: 5/15/2026
Updated: 5/15/2026
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2026-20182
CVSS v3
Risk Factor: Critical
Base Score: 10
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/o:cisco:sd-wan_firmware
Required KB Items: Cisco/Viptela/Version
Patch Publication Date: 5/14/2026
Vulnerability Publication Date: 5/14/2026
Reference Information
CVE: CVE-2026-20182