Latest cisco sd-wan vmanage Vulnerabilities

CVE-2023-20179
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vul...
Cisco SD-WAN vManage<20.6.6
Cisco SD-WAN vManage>=20.7<20.10
CVE-2023-20262
A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vul...
Cisco Catalyst SD-WAN Manager>=20.4<20.9.3
Cisco SD-WAN vManage<20.3.7
Cisco SD-WAN vManage>=20.10<20.11.1
Cisco SD-WAN vManage=20.12
CVE-2023-20253
A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll bac...
Cisco Catalyst SD-WAN Manager=20.7
Cisco Catalyst SD-WAN Manager=20.8
Cisco Catalyst SD-WAN Manager=20.9
Cisco Catalyst SD-WAN Manager=20.11
Cisco SD-WAN vManage<20.6.2
Cisco SD-WAN vManage=20.10
CVE-2023-20214
A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write per...
Cisco Catalyst SD-WAN Manager>=20.6.4<20.6.4.2
Cisco Catalyst SD-WAN Manager>=20.6.5<20.6.5.5
Cisco Catalyst SD-WAN Manager>=20.7<20.9.3.2
Cisco Catalyst SD-WAN Manager>=20.11<20.11.1.2
Cisco Catalyst SD-WAN Manager=20.6.3.3
Cisco SD-WAN vManage>=20.10<20.10.1.2
CVE-2023-20098
A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. This vulnerability is due to improper filtering of directory trave...
Cisco Catalyst SD-WAN Manager=20.11
Cisco SD-WAN vManage<20.9.1
CVE-2022-20830
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of ...
Cisco Catalyst SD-WAN Manager>=20.4<20.6.1
Cisco Catalyst SD-WAN Manager=20.7
Cisco SD-WAN vManage>=18.4<20.3.4.1
CVE-2022-20930
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficien...
Cisco Catalyst SD-WAN Manager=20.8
Cisco Catalyst SD-WAN Manager=20.9
Cisco Sd-wan Vbond Orchestrator<20.6.2
Cisco Sd-wan Vbond Orchestrator=20.8
Cisco Sd-wan Vbond Orchestrator=20.9
Cisco SD-WAN vManage<20.6.2
and 13 more
CVE-2022-20850
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affec...
Cisco Sd-wan Vbond Orchestrator<18.4.5
Cisco SD-WAN vManage<18.4.5
Cisco Sd-wan Vsmart Controller<18.4.5
Cisco IOS XE SD-WAN<16.10.1
Cisco SD-WAN<18.4.5
Cisco 1100-4g Integrated Services Router
and 8 more
CVE-2022-20818
Cisco Sd-wan Vbond Orchestrator<20.9
Cisco SD-WAN vManage<20.9
Cisco Sd-wan Vsmart Controller<20.9
Cisco SD-WAN<20.9
Cisco Catalyst 8000v Edge
Cisco Catalyst Cg418-e
and 77 more
CVE-2022-20696
A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the...
Cisco Catalyst SD-WAN Manager>=20.7<20.9.1
Cisco SD-WAN vManage<20.6.4
CVE-2022-20739
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker...
Cisco Catalyst SD-WAN Manager=20.7
Cisco SD-WAN vManage<20.6.1
CVE-2022-20747
A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. This vulnerability is d...
Cisco Catalyst SD-WAN Manager=20.7
Cisco SD-WAN vManage<20.6.1
CVE-2022-20735
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affec...
Cisco Catalyst SD-WAN Manager=20.7
Cisco SD-WAN vManage<20.6.1
CVE-2021-44228
Apache Log4j2 Remote Code Execution Vulnerability
debian/apache-log4j1.2
debian/apache-log4j2
debian/apache-log4j2<=2.13.3-1<=2.7-2<=2.11.1-2
Apple Xcode<13.3
Apache Log4j2
redhat/log4j<2.15.0
and 429 more
CVE-2021-34712
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected s...
Cisco Catalyst SD-WAN Manager>=20.4<=20.4.2
Cisco Catalyst SD-WAN Manager=20.5
Cisco Catalyst SD-WAN Manager=20.6
Cisco SD-WAN vManage>=20.3<20.3.4
CVE-2021-1546
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access throu...
Cisco Catalyst SD-WAN Manager>=18.4<20.4.2
Cisco Catalyst SD-WAN Manager>=20.6<20.6.1
Cisco Sd-wan Vbond Orchestrator>=18.4<20.4.2
Cisco Sd-wan Vbond Orchestrator>=20.5<20.5.2
Cisco Sd-wan Vbond Orchestrator>=20.6<20.6.1
Cisco SD-WAN vManage>=20.5<20.5.2
and 36 more
CVE-2021-34700
A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This vul...
Cisco Catalyst SD-WAN Manager>=20.5.0<20.5.1
Cisco SD-WAN vManage<20.4.2
CVE-2021-1535
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected...
Cisco SD-WAN vManage<20.5.1
CVE-2021-1506
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, ...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco SD-WAN vManage<20.3.3
CVE-2021-1486
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts. This vulnerability is due to the improper handling of HTTP headers. An atta...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco SD-WAN vManage<20.3.3
CVE-2021-1514
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating s...
Cisco Catalyst SD-WAN Manager>=20.1<20.1.1
Cisco Catalyst SD-WAN Manager>=20.3<20.3.1
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco Sd-wan Vbond Orchestrator<18.3
Cisco Sd-wan Vbond Orchestrator>=20.1<20.1.1
and 64 more
CVE-2021-1507
A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application web-base...
Cisco SD-WAN vManage<20.5.1
CVE-2021-1512
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is...
Cisco Catalyst SD-WAN Manager>=19.2<19.2.3
Cisco Catalyst SD-WAN Manager>=20.3<20.3.1
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco Sd-wan Vbond Orchestrator
Cisco SD-WAN vManage<18.4.6
and 21 more
CVE-2021-1505
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, ...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco SD-WAN vManage<20.3.3
CVE-2021-1508
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, ...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco SD-WAN vManage<19.2.99
Cisco SD-WAN vManage>=20.3<20.3.3
CVE-2021-1468
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, ...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco SD-WAN vManage<20.3.3
CVE-2021-1513
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vuln...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco Sd-wan Vbond Orchestrator
Cisco SD-WAN vManage<20.3.1
Cisco Vsmart Controller Firmware
Cisco Vsmart Controller
and 39 more
CVE-2021-1275
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, ...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco SD-WAN vManage<20.3.3
CVE-2021-1284
A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify th...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco Catalyst SD-WAN Manager>=20.5<20.5.1
Cisco SD-WAN vManage<20.3.1
CVE-2021-1480
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileg...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco SD-WAN vManage<19.2.4
Cisco SD-WAN vManage>=19.3<20.3.3
CVE-2021-1479
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileg...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco SD-WAN vManage<19.2.4
Cisco SD-WAN vManage>=19.3<20.3.3
CVE-2021-1137
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileg...
Cisco Catalyst SD-WAN Manager>=20.4<20.4.1
Cisco SD-WAN vManage<19.2.4
Cisco SD-WAN vManage>=19.3<20.3.3
cisco-sa-vmanage-YuTVWqy
Cisco SD-WAN vManage Software Vulnerabilities
Cisco SD-WAN vManage=20.4<20.4.1>=19.3=20.1<=20.3<20.3.3>=18.4 and earlier<=19.2<19.2.4
CVE-2021-1235
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. The vulnerability is due to insufficien...
Cisco SD-WAN vManage<19.2.3
CVE-2021-1349
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected s...
Cisco SD-WAN vManage<20.3.2
CVE-2021-1259
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain write access to sensit...
Cisco SD-WAN vManage<18.2.0
CVE-2020-3591
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user o...
Cisco Catalyst SD-WAN Manager=20.3.1
Cisco SD-WAN vManage<=20.1.12
CVE-2020-3587
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. ...
Cisco Catalyst SD-WAN Manager=20.3.1
Cisco SD-WAN vManage<=20.1.12
CVE-2020-3590
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. ...
Cisco Catalyst SD-WAN Manager=20.3.1
Cisco SD-WAN vManage<=20.1.12
CVE-2020-3592
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected...
Cisco Catalyst SD-WAN Manager=20.3.1
Cisco SD-WAN vManage<=20.1.12
CVE-2020-3579
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of ...
Cisco Catalyst SD-WAN Manager=20.3.1
Cisco SD-WAN vManage<=20.1.12
CVE-2020-27129
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. Th...
Cisco SD-WAN vManage<20.3.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203