Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco sd-wan vmanage vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-1486
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote malicious user to enumerate user accounts. This vulnerability is due to the improper handling of HTTP headers. An attacker could exploit this vulnerability by sending authenticated requests to...
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager
8.8
CVSSv3
CVE-2021-1505
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote malicious user to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local malicious user to gain escalated privileges or gain unauthorized acc...
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager
5.4
CVSSv3
CVE-2021-1507
A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against users of the application web-based interface. This vulnerability exists because the API does not properly v...
Cisco Sd-wan Vmanage
6
CVSSv3
CVE-2021-1512
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local malicious user to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a...
Cisco Sd-wan Vbond Orchestrator -
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager
Cisco Vsmart Controller Firmware -
Cisco Vedge 100 Firmware -
Cisco Vedge 1000 Firmware -
Cisco Vedge 100b Firmware -
Cisco Vedge 100m Firmware -
Cisco Vedge 100wm Firmware -
Cisco Vedge 2000 Firmware -
Cisco Vedge 5000 Firmware -
Cisco Vedge-100b Firmware -
Cisco Vedge Cloud Firmware -
7.5
CVSSv3
CVE-2021-1513
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote malicious user to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacke...
Cisco Sd-wan Vbond Orchestrator -
Cisco Catalyst Sd-wan Manager
Cisco Vsmart Controller Firmware -
Cisco Vedge 100 Firmware -
Cisco Vedge 1000 Firmware -
Cisco Vedge 100b Firmware -
Cisco Vedge 100m Firmware -
Cisco Vedge 100wm Firmware -
Cisco Vedge 2000 Firmware -
Cisco Vedge 5000 Firmware -
Cisco Vedge-100b Firmware -
Cisco Vedge Cloud Firmware -
4.3
CVSSv3
CVE-2021-1515
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent malicious user to gain access to sensitive information. This vulnerability is due to improper access controls on API endpoints when Cisco SD-WAN vManage Software is running in multi-tenant m...
Cisco Sd-wan Vmanage
5.3
CVSSv3
CVE-2021-1535
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote malicious user to view sensitive information on an affected system. To be affected by this vulnerability, the Cisco SD-WAN vManage Software must be in clust...
Cisco Sd-wan Vmanage
7.8
CVSSv3
CVE-2021-1514
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local malicious user to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certa...
Cisco Sd-wan Vbond Orchestrator
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager
Cisco Vsmart Controller Firmware
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 100b Firmware
Cisco Vedge 100m Firmware
Cisco Vedge 100wm Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vedge-100b Firmware
Cisco Vedge Cloud Firmware
NA
CVE-2021-1234
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode. This vulne...
7 Github repositories
NA
CVE-2021-1481
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-bas...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »