Cisco Sd-wan_vmanage
42 CVEs affecting Cisco Sd-wan_vmanage. Latest disclosed: 2023-09-27. Critical: 8, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-44228 | Critical | 10.0 | 2021-12-10 | Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameter… |
CVE-2021-1508 | Critical | 9.8 | 2021-05-06 | Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive… |
CVE-2021-1506 | Critical | 9.8 | 2021-05-06 | Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive… |
CVE-2021-1505 | Critical | 9.8 | 2021-05-06 | Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive… |
CVE-2021-1468 | Critical | 9.8 | 2021-05-06 | Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive… |
CVE-2021-1275 | Critical | 9.8 | 2021-05-06 | Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive… |
CVE-2023-20214 | Critical | 9.1 | 2023-08-03 | A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to g… |
CVE-2021-1225 | Critical | 9.1 | 2021-01-20 | Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL… |
CVE-2021-1284 | High | 8.8 | 2021-05-06 | A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authe… |
CVE-2022-20818 | High | 7.8 | 2022-09-30 | Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities ar… |
CVE-2021-1514 | High | 7.8 | 2021-05-06 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator… |
CVE-2021-1480 | High | 7.8 | 2021-04-08 | Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated… |
CVE-2021-1479 | High | 7.8 | 2021-04-08 | Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated… |
CVE-2021-1137 | High | 7.8 | 2021-04-08 | Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated… |
CVE-2022-20696 | High | 7.5 | 2022-09-08 | A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to th… |
CVE-2022-20739 | High | 7.3 | 2022-04-15 | A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operat… |
CVE-2023-20253 | High | 7.1 | 2023-09-27 | A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authori… |
CVE-2022-20930 | Medium | 6.7 | 2022-09-30 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system… |
CVE-2020-27129 | Medium | 6.7 | 2020-11-06 | A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and… |
CVE-2022-20747 | Medium | 6.5 | 2022-04-15 | A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an… |