Vulmon
cisco sd-wan firmware vulnerabilities and exploits
3.5
CVSSv2
CVE-2020-3406
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management...
Cisco Sd-wan Firmware
4.9
CVSSv2
CVE-2020-3405
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when...
Cisco Sd-wan Firmware
4.3
CVSSv2
CVE-2019-16002
A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI...
Cisco Sd-wan Firmware
5.5
CVSSv2
CVE-2020-3468
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates...
Cisco Sd-wan Firmware
5
CVSSv2
CVE-2019-1951
A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this...
Cisco Sd-wan Firmware
4
CVSSv2
CVE-2020-3437
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker...
Cisco Sd-wan Firmware
4.3
CVSSv2
CVE-2021-3449
OpenSSL NULL pointer deref in signature_algorithms processing. An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in...
Openssl Openssl
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 17.0
Windriver Linux 18.0
Windriver Linux 19.0
2 Github repositories available
2 Articles available
5.8
CVSSv2
CVE-2021-3450
OpenSSL CA certificate check bypass with X509_V_FLAG_X509_STRICT. The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 17.0
Windriver Linux 18.0
Windriver Linux 19.0
Netapp Cloud Volumes Ontap Mediator -
Netapp Oncommand Workflow Automation -
Netapp Ontap Select Deploy Administration Utility -
Netapp Storagegrid -
Fedoraproject Fedora 34
Tenable Nessus
Tenable Nessus Agent
2 Articles available