Versa-networks Versa_director
7 CVEs affecting Versa-networks Versa_director. Latest disclosed: 2025-06-19. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-25029 | Critical | 9.8 | 2021-05-26 | In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable applic… |
CVE-2024-39717 | High | 7.2 | 2024-08-22 | The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-D… |
CVE-2025-23168 | Medium | 6.3 | 2025-06-19 | The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using One-Time Passcodes (OTP) delivered via email or SMS. Versa Di… |
CVE-2021-39285 | Medium | 6.1 | 2021-09-07 | A XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8. An attacker can use the administration web interface URL to create a XSS based attack. |
CVE-2019-25030 | Medium | 5.5 | 2021-05-26 | In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage… |
CVE-2018-16498 | Medium | 5.5 | 2021-05-26 | In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for… |
CVE-2018-16496 | Medium | 5.3 | 2021-05-26 | In Versa Director, the un-authentication request found. |