CVE-2026-20262
- EPSS 7.68%
- Veröffentlicht 15.06.2026 16:21:09
- Zuletzt bearbeitet 16.06.2026 12:54:55
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists becaus...
CVE-2026-20245
- EPSS 25.32%
- Veröffentlicht 04.06.2026 22:33:00
- Zuletzt bearbeitet 10.06.2026 12:59:09
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker t...
CVE-2026-20224
- EPSS 0.7%
- Veröffentlicht 14.05.2026 16:08:46
- Zuletzt bearbeitet 29.06.2026 14:51:28
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system. The attacker does not need to have valid user cred...
CVE-2026-20210
- EPSS 0.19%
- Veröffentlicht 14.05.2026 16:08:46
- Zuletzt bearbeitet 29.06.2026 17:35:57
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This...
CVE-2026-20209
- EPSS 0.19%
- Veröffentlicht 14.05.2026 16:08:26
- Zuletzt bearbeitet 29.06.2026 17:33:57
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged us...
- EPSS 88.5%
- Veröffentlicht 14.05.2026 16:08:25
- Zuletzt bearbeitet 16.06.2026 19:16:34
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking....
CVE-2026-20108
- EPSS 0.16%
- Veröffentlicht 25.03.2026 16:16:14
- Zuletzt bearbeitet 29.06.2026 18:10:12
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnera...
CVE-2026-20122
- EPSS 7.02%
- Veröffentlicht 25.02.2026 16:14:21
- Zuletzt bearbeitet 21.04.2026 11:59:56
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with AP...
- EPSS 57.79%
- Veröffentlicht 25.02.2026 16:14:20
- Zuletzt bearbeitet 16.06.2026 19:16:34
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an unauthentica...
CVE-2026-20128
- EPSS 5.27%
- Veröffentlicht 25.02.2026 16:14:12
- Zuletzt bearbeitet 21.04.2026 12:48:20
A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credentia...