Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco ios xe sd-wan vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2021-34723
A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local malicious user to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of speci...
Cisco Ios Xe 17.3.1a
6
CVSSv3
CVE-2021-34724
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local malicious user to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 use...
Cisco Ios Xe Sd-wan
6.7
CVSSv3
CVE-2021-34725
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local malicious user to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on c...
Cisco Ios Xe Sd-wan
6.7
CVSSv3
CVE-2021-34729
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local malicious user to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments ...
Cisco Ios Xe Sd-wan
Cisco Ios Xe
7.1
CVSSv3
CVE-2021-1612
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local malicious user to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this...
Cisco Sd-wan
9.1
CVSSv3
CVE-2021-1619
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the confi...
Cisco Ios Xe 16.6.1
Cisco Ios Xe 16.4.1
Cisco Ios Xe 16.3.1
Cisco Ios Xe 16.3.1a
Cisco Ios Xe 16.3.2
Cisco Ios Xe 16.3.3
Cisco Ios Xe 16.5.1
Cisco Ios Xe 16.5.1a
Cisco Ios Xe 16.3.4
Cisco Ios Xe 16.5.1b
Cisco Ios Xe 16.4.2
Cisco Ios Xe 16.3.5b
Cisco Ios Xe 16.3.6
Cisco Ios Xe 16.6.3
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.6.2
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.3.5
Cisco Ios Xe 16.5.2
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.8.1s
5.3
CVSSv3
CVE-2021-1495
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote malicious user to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An atta...
Cisco Firepower Threat Defense
Cisco Ios Xe
Snort Snort
NA
CVE-2021-1494
Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or bypass filtering technology on an affected device and ex-filtrate data ...
6.7
CVSSv3
CVE-2021-1281
A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local malicious user to access the underlying operating system as the root user. This vulnerability is due to the way the software handles concurrent CLI sessions. An attacker could ex...
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.9.2
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.11.1
Cisco Ios Xe 17.1.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1t
Cisco Ios Xe 16.11.2
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1x
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1w
Cisco Ios Xe 16.10.1s
Cisco Ios Xe 16.10.1d
Cisco Ios Xe 16.10.1a
Cisco Ios Xe 16.10.1f
Cisco Ios Xe 16.10.1g
6.6
CVSSv3
CVE-2021-1371
A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN configuration. This vulne...
Cisco Ios Xe Sd-wan 17.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »