Cisco Cisco Catalyst Sd-wan Manager
38 CVEs affecting Cisco Cisco Catalyst Sd-wan Manager. Latest disclosed: 2026-06-04. Critical: 3, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-20182 | Critical | 10.0 | 2026-05-14 | May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in Februar… |
CVE-2026-20127 | Critical | 10.0 | 2026-02-25 | A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN v… |
CVE-2026-20129 | Critical | 9.8 | 2026-02-25 | A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected s… |
CVE-2026-20126 | High | 8.8 | 2026-02-25 | A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying ope… |
CVE-2022-20655 | High | 8.8 | 2024-11-15 | A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection… |
CVE-2026-20224 | High | 8.6 | 2026-05-14 | A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary file… |
CVE-2020-26071 | High | 8.4 | 2024-11-18 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected dev… |
CVE-2026-20245 | High | 7.8 | 2026-06-04 | A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary command… |
CVE-2025-20122 | High | 7.8 | 2025-05-07 | A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of… |
CVE-2020-26074 | High | 7.8 | 2024-11-18 | A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileg… |
CVE-2022-20775 | High | 7.8 | 2022-09-30 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to i… |
CVE-2026-20128 | High | 7.5 | 2026-02-25 | A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user pr… |
CVE-2020-26073 | High | 7.5 | 2024-11-18 | A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensi… |
CVE-2026-20133 | Medium | 6.5 | 2026-02-25 | A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This… |
CVE-2025-20187 | Medium | 6.5 | 2025-05-07 | A vulnerability in the application data endpoints of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacke… |
CVE-2020-26066 | Medium | 6.5 | 2024-11-18 | A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information… |
CVE-2021-1232 | Medium | 6.5 | 2024-11-18 | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary fil… |
CVE-2021-1484 | Medium | 6.5 | 2024-11-15 | A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected s… |
CVE-2021-1491 | Medium | 6.5 | 2024-11-15 | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary fil… |
CVE-2021-1482 | Medium | 6.4 | 2024-11-15 | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorizati… |