Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco sd-wan firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20071
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote malicious user to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection e...
Cisco Firepower Threat Defense
Cisco Cyber Vision
Cisco Unified Threat Defense
Cisco Meraki Mx Security Appliance Firmware -
5.1
CVSSv2
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
197 Github repositories
9 Articles
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1181 Github repositories
28 Articles
4.9
CVSSv2
CVE-2020-3405
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries...
Cisco Sd-wan Firmware
3.5
CVSSv2
CVE-2020-3406
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management...
Cisco Sd-wan Firmware
5.5
CVSSv2
CVE-2020-3468
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly valida...
Cisco Sd-wan Firmware
4
CVSSv2
CVE-2020-3437
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker...
Cisco Sd-wan Firmware
3.3
CVSSv2
CVE-2019-5108
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to d...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp A700s Firmware -
Netapp H610s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Oracle Sd-wan Edge 8.2
4.3
CVSSv2
CVE-2019-16002
A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the w...
Cisco Sd-wan Firmware
5
CVSSv2
CVE-2019-1951
A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit ...
Cisco Sd-wan Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »