Skip to main content

Sd Wan Vmanage

41 CVEs product

Monthly

CVE-2023-20262 HIGH This Week

A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-20253 MEDIUM This Month

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-20179 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Sd Wan Vmanage
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-20214 CRITICAL Act Now

A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2023-20098 MEDIUM This Month

A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
6.0
EPSS
0.5%
CVE-2022-20830 MEDIUM This Month

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-20930 MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator Sd Wan Vmanage +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20850 HIGH This Week

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Path Traversal Sd Wan Vbond Orchestrator Sd Wan Vmanage +3
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-20818 HIGH This Week

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Sd Wan Vbond Orchestrator Sd Wan Vmanage Sd Wan Vsmart Controller +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-20696 HIGH This Week

A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-20747 MEDIUM This Month

A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-20739 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2022-20735 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-34712 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Nosql Injection Information Disclosure Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-1546 MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator Sd Wan Vmanage +9
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-34700 MEDIUM This Month

A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-1535 MEDIUM This Month

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Sd Wan Vmanage
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-1515 MEDIUM This Month

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Sd Wan Vmanage
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-1514 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Code Injection Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator Sd Wan Vmanage +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-1512 MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Information Disclosure Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator +10
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2021-1508 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-1507 MEDIUM This Month

A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Sd Wan Vmanage
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-1506 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2021-1505 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-1486 MEDIUM This Month

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-1468 CRITICAL Act Now

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-1284 HIGH This Week

A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-1275 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-1480 HIGH PATCH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-1479 CRITICAL PATCH Act Now

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-1137 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-1235 MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Sd Wan Vmanage
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-1225 CRITICAL Act Now

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi Sd Wan Vmanage
NVD
CVSS 3.1
9.1
EPSS
1.4%
CVE-2021-1349 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Nosql Injection Information Disclosure Sd Wan Vmanage
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-1259 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain write access to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Sd Wan Vmanage
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2020-3592 MEDIUM PATCH This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Cisco Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-3591 MEDIUM PATCH This Month

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

XSS Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-3590 MEDIUM PATCH This Month

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
6.4
EPSS
0.6%
CVE-2020-3587 MEDIUM PATCH This Month

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
6.4
EPSS
0.6%
CVE-2020-3579 MEDIUM PATCH This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Cisco Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-27129 MEDIUM This Month

A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Code Injection Sd Wan Vmanage
NVD
CVSS 3.1
6.7
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Catalyst Sd Wan Manager +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Sd Wan Vmanage
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Catalyst Sd Wan Manager +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Catalyst Sd Wan Manager +4
NVD
EPSS 0% CVSS 7.1
HIGH This Week

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Path Traversal +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Sd Wan Vbond Orchestrator +3
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 7.3
HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Catalyst Sd Wan Manager +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Nosql Injection Information Disclosure +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Sd Wan Manager +11
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Sd Wan Vmanage
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Sd Wan Vmanage
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Code Injection Catalyst Sd Wan Manager +11
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Information Disclosure +12
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Sd Wan Vmanage
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Sd Wan Manager +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE +2
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Sd Wan Vmanage
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi Sd Wan Vmanage
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Nosql Injection Information Disclosure +1
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain write access to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Sd Wan Vmanage
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Cisco Authentication Bypass Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

XSS Cisco Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Cisco Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Cisco Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Cisco Catalyst Sd Wan Manager +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Code Injection Sd Wan Vmanage
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy