Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sd vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-3984
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3 and 3.4.x before 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthori...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
8.8
CVSSv3
CVE-2020-4000
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is able to traversal directories which may lead to code execution of files.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
9.8
CVSSv3
CVE-2020-4001
The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. SD-WAN Orchestrator ships with default passwords for predefined accounts which may lead to to a Pass-the-Hash attack.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
6.5
CVSSv3
CVE-2020-4003
VMware SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. An authenticated SD-WAN Orchestrator user may inject code into SQL queries which may lea...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
7.2
CVSSv3
CVE-2020-4002
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
8.8
CVSSv3
CVE-2020-3985
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3 and 3.4.x before 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orchestrator user may exploit an application weakness and call a vulnerable API to elevate ...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
5.5
CVSSv3
CVE-2023-20253
A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local malicious user to bypass authorization and allow the malicious user to roll back the configuration on vManage controllers and edge router device. T...
Cisco Sd-wan Vmanage
Cisco Sd-wan Vmanage 20.10
Cisco Catalyst Sd-wan Manager 20.9
Cisco Catalyst Sd-wan Manager 20.11
Cisco Catalyst Sd-wan Manager 20.8
Cisco Catalyst Sd-wan Manager 20.7
8.8
CVSSv3
CVE-2020-3115
A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local malicious user to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker co...
Cisco Sd-wan Firmware 18.4.1
Cisco Sd-wan Firmware 19.1.0
10
CVSSv3
CVE-2020-14606
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface). Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Ora...
Oracle Sd-wan Edge 8.2
Oracle Sd-wan Edge 9.0
2 Articles
5.9
CVSSv3
CVE-2020-6175
Citrix SD-WAN 10.2.x prior to 10.2.6 and 11.0.x prior to 11.0.3 has Missing SSL Certificate Validation.
Citrix Citrix Sd-wan Center
Citrix Netscaler Sd-wan Center
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »