Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco sd-wan 20.7 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-20034
Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could allow an unauthenticated, remote malicious user to access the Elasticsearch configuration database of an affected device with the privileges of the elasticsearch user. These vulnerabili...
Cisco Sd-wan
Cisco Sd-wan 20.7
Cisco Sd-wan 20.6
5.5
CVSSv3
CVE-2023-20253
A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local malicious user to bypass authorization and allow the malicious user to roll back the configuration on vManage controllers and edge router device. T...
Cisco Sd-wan Vmanage
Cisco Sd-wan Vmanage 20.10
Cisco Catalyst Sd-wan Manager 20.9
Cisco Catalyst Sd-wan Manager 20.11
Cisco Catalyst Sd-wan Manager 20.8
Cisco Catalyst Sd-wan Manager 20.7
7.3
CVSSv3
CVE-2022-20739
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local malicious user to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected system as a low-privileged user to ...
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager 20.7
6.5
CVSSv3
CVE-2022-20735
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for...
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager 20.7
6.5
CVSSv3
CVE-2022-20747
A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to gain access to sensitive information on an affected system. This vulnerability is due to insufficient API authorization checking on the underlying operating ...
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager 20.7
5.5
CVSSv3
CVE-2022-20717
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local malicious user to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management ...
Cisco Sd-wan Vedge Router
Cisco Sd-wan Vedge Router 20.7
5.3
CVSSv3
CVE-2022-20830
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote malicious user to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the...
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager
Cisco Catalyst Sd-wan Manager 20.7
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1154 Github repositories
28 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started