Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco sd-wan vmanage vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-1625
A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local malicious user to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vuln...
Cisco Sd-wan Firmware
Cisco Sd-wan Firmware 18.4.0
1 Article
8.1
CVSSv3
CVE-2019-16012
A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could explo...
Cisco Sd-wan Firmware
1 Article
6.5
CVSSv3
CVE-2020-3437
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker...
Cisco Sd-wan Firmware
7.8
CVSSv3
CVE-2019-1646
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local malicious user to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An...
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vbond Orchestrator -
Cisco Vsmart Controller -
Cisco Vmanage Network Management -
Cisco Sd-wan
7.8
CVSSv3
CVE-2019-1648
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local malicious user to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the gro...
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vbond Orchestrator -
Cisco Vsmart Controller -
Cisco Vmanage Network Management -
Cisco Sd-wan
8.8
CVSSv3
CVE-2019-1650
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote malicious user to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affe...
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vbond Orchestrator -
Cisco Vsmart Controller -
Cisco Vmanage Network Management -
Cisco Sd-wan
9.8
CVSSv3
CVE-2023-20252
A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote malicious user to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authent...
Cisco Catalyst Sd-wan Manager 20.9.3.2
Cisco Catalyst Sd-wan Manager 20.11.1.2
8.8
CVSSv3
CVE-2021-1302
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view informati...
Cisco Catalyst Sd-wan Manager -
1 Article
6.5
CVSSv3
CVE-2021-1304
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view informati...
Cisco Catalyst Sd-wan Manager -
1 Article
NA
CVE-2020-26073
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests t...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »