Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sd-wan vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2020-3375
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote malicious user to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted tra...
Cisco Sd-wan
Cisco Ios Xe Sd-wan
356
VMScore
CVE-2020-4003
VMware SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. An authenticated SD-WAN Orchestrator user may inject code into SQL queries which may lea...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
356
VMScore
CVE-2020-3984
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3 and 3.4.x before 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthori...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
578
VMScore
CVE-2020-3985
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3 and 3.4.x before 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orchestrator user may exploit an application weakness and call a vulnerable API to elevate ...
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
578
VMScore
CVE-2020-4000
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is able to traversal directories which may lead to code execution of files.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
578
VMScore
CVE-2020-4002
The SD-WAN Orchestrator 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
668
VMScore
CVE-2020-4001
The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. SD-WAN Orchestrator ships with default passwords for predefined accounts which may lead to to a Pass-the-Hash attack.
Vmware Sd-wan Orchestrator 3.3.2
Vmware Sd-wan Orchestrator
NA
CVE-2023-20253
A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local malicious user to bypass authorization and allow the malicious user to roll back the configuration on vManage controllers and edge router device. T...
Cisco Sd-wan Vmanage
Cisco Sd-wan Vmanage 20.10
Cisco Catalyst Sd-wan Manager 20.9
Cisco Catalyst Sd-wan Manager 20.11
Cisco Catalyst Sd-wan Manager 20.8
Cisco Catalyst Sd-wan Manager 20.7
694
VMScore
CVE-2020-3351
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. A...
Cisco Sd-wan Firmware
Cisco Vedge Cloud Router -
Cisco Vsmart Controller -
383
VMScore
CVE-2019-11345
Citrix SD-WAN Center 10.2.x prior to 10.2.1 and NetScaler SD-WAN Center 10.0.x prior to 10.0.7 allow XSS.
Citrix Citrix Sd-wan Center
Citrix Netscaler Sd-wan Center
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »