Tracked as CVE-2023-20214 with a CVSS score of 9.1, the flaw could be exploited by unauthenticated attackers to retrieve sensitive information from vulnerable instances. Unfortunately, there are no available workarounds to mitigate this risk. The vulnerability lies in the request authentication validation for the REST API feature of Cisco’s SD-WAN vManage software. Malicious actors can… Continue reading How to fix CVE-2023-20214 in Cisco SD-WAN