Cisco Sd-wan
27 CVEs affecting Cisco Sd-wan. Latest disclosed: 2023-09-27. Critical: 3, High: 14.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-3374 | Critical | 9.9 | 2020-07-31 | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, e… |
CVE-2020-3375 | Critical | 9.8 | 2020-07-31 | A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnera… |
CVE-2018-15387 | Critical | 9.8 | 2018-10-05 | A vulnerability in the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass certificate validation on an affected device. The vulner… |
CVE-2019-1624 | High | 8.8 | 2019-06-20 | A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands th… |
CVE-2019-1650 | High | 8.8 | 2019-01-24 | A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of a… |
CVE-2019-1647 | High | 8.0 | 2019-01-24 | A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to ot… |
CVE-2022-20818 | High | 7.8 | 2022-09-30 | Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities ar… |
CVE-2022-20775 | High | 7.8 | 2022-09-30 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to i… |
CVE-2022-20716 | High | 7.8 | 2022-04-15 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to imp… |
CVE-2020-3600 | High | 7.8 | 2020-11-06 | A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vul… |
CVE-2020-3595 | High | 7.8 | 2020-11-06 | A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. T… |
CVE-2020-3594 | High | 7.8 | 2020-11-06 | A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vul… |
CVE-2020-3593 | High | 7.8 | 2020-11-06 | A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vul… |
CVE-2020-3180 | High | 7.8 | 2020-07-16 | A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a de… |
CVE-2019-1648 | High | 7.8 | 2019-01-24 | A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an aff… |
CVE-2019-1646 | High | 7.8 | 2019-01-24 | A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configurati… |
CVE-2023-20034 | High | 7.5 | 2023-09-27 | Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to access the Elastics… |
CVE-2022-20930 | Medium | 6.7 | 2022-09-30 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system… |
CVE-2021-34726 | Medium | 6.7 | 2021-09-23 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level pr… |
CVE-2023-20113 | Medium | 6.5 | 2023-03-23 | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site… |