Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sd-wan vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-3375
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote malicious user to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted tra...
Cisco Sd-wan
Cisco Ios Xe Sd-wan
6.5
CVSSv2
CVE-2020-3985
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3 and 3.4.x before 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orchestrator user may exploit an application weakness and call a vulnerable API to elevate ...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
6.5
CVSSv2
CVE-2020-4000
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is able to traversal directories which may lead to code execution of files.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
6.5
CVSSv2
CVE-2020-4002
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
4
CVSSv2
CVE-2020-4003
VMware SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. An authenticated SD-WAN Orchestrator user may inject code into SQL queries which may lea...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
4
CVSSv2
CVE-2020-3984
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3 and 3.4.x before 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthori...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
7.5
CVSSv2
CVE-2020-4001
The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. SD-WAN Orchestrator ships with default passwords for predefined accounts which may lead to to a Pass-the-Hash attack.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
NA
CVE-2023-20253
A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local malicious user to bypass authorization and allow the malicious user to roll back the configuration on vManage controllers and edge router device. T...
Cisco Sd-wan Vmanage
Cisco Sd-wan Vmanage 20.10
Cisco Catalyst Sd-wan Manager 20.9
Cisco Catalyst Sd-wan Manager 20.11
Cisco Catalyst Sd-wan Manager 20.8
Cisco Catalyst Sd-wan Manager 20.7
7.8
CVSSv2
CVE-2020-3351
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. A...
Cisco Sd-wan Firmware
Cisco Vedge Cloud Router -
Cisco Vsmart Controller -
10
CVSSv2
CVE-2020-14606
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface). Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Ora...
Oracle Sd-wan Edge 8.2
Oracle Sd-wan Edge 9.0
2 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »