cisco sd-wan 20.7 vulnerabilities and exploits

(subscribe to this query)

Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could allow an unauthenticated, remote malicious user to access the Elasticsearch configuration database of an affected device with the privileges of the elasticsearch user. These vulnerabili...

Cisco Sd-wan Cisco Sd-wan 20.7 Cisco Sd-wan 20.6

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local malicious user to bypass authorization and allow the malicious user to roll back the configuration on vManage controllers and edge router device. T...

Cisco Sd-wan Vmanage Cisco Sd-wan Vmanage 20.10 Cisco Catalyst Sd-wan Manager 20.9 Cisco Catalyst Sd-wan Manager 20.11 Cisco Catalyst Sd-wan Manager 20.8 Cisco Catalyst Sd-wan Manager 20.7

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local malicious user to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected system as a low-privileged user to ...

Cisco Sd-wan Vmanage Cisco Catalyst Sd-wan Manager 20.7

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for...

Cisco Sd-wan Vmanage Cisco Catalyst Sd-wan Manager 20.7

A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to gain access to sensitive information on an affected system. This vulnerability is due to insufficient API authorization checking on the underlying operating ...

Cisco Sd-wan Vmanage Cisco Catalyst Sd-wan Manager 20.7

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local malicious user to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management ...

Cisco Sd-wan Vedge Router Cisco Sd-wan Vedge Router 20.7

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote malicious user to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the...

Cisco Sd-wan Vmanage Cisco Catalyst Sd-wan Manager Cisco Catalyst Sd-wan Manager 20.7

Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...

2 Metasploit modules1152 Github repositories28 Articles

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook