Cisco Cisco Network Services Orchestrator
11 CVEs affecting Cisco Cisco Network Services Orchestrator. Latest disclosed: 2026-05-06. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-20655 | High | 8.8 | 2024-11-15 | A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection… |
CVE-2024-20381 | High | 8.8 | 2024-09-11 | A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interface… |
CVE-2024-20389 | High | 7.8 | 2024-05-16 | A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to rea… |
CVE-2024-20326 | High | 7.8 | 2024-05-16 | A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to rea… |
CVE-2024-20366 | High | 7.8 | 2024-05-15 | A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator (NSO) could allow a… |
CVE-2026-20188 | Unrated | 7.5 | 2026-05-06 | Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Se… |
CVE-2023-20040 | Medium | 5.5 | 2023-01-19 | A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service… |
CVE-2021-1132 | Medium | 5.3 | 2024-11-18 | A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remo… |
CVE-2024-20369 | Medium | 4.7 | 2024-05-15 | A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to… |
CVE-2020-3362 | Medium | 4.7 | 2020-06-18 | A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an a… |
CVE-2018-0463 | | 2018-10-05 | A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacke… |