Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware sd-wan orchestrator 3.3.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-4003
VMware SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. An authenticated SD-WAN Orchestrator user may inject code into SQL queries which may lea...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
6.5
CVSSv3
CVE-2020-3984
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3 and 3.4.x before 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthori...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
8.8
CVSSv3
CVE-2020-4000
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is able to traversal directories which may lead to code execution of files.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
8.8
CVSSv3
CVE-2020-3985
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3 and 3.4.x before 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orchestrator user may exploit an application weakness and call a vulnerable API to elevate ...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
9.8
CVSSv3
CVE-2020-4001
The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. SD-WAN Orchestrator ships with default passwords for predefined accounts which may lead to to a Pass-the-Hash attack.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
7.2
CVSSv3
CVE-2020-4002
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started