Cisco

Catalyst Sd-wan Manager

86 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-20475

  • EPSS 0.34%
  • Veröffentlicht 25.09.2024 17:15:17
  • Zuletzt bearbeitet 03.10.2024 17:49:17

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Th...

6.5

CVE-2023-20261

  • EPSS 0.12%
  • Veröffentlicht 18.10.2023 17:15:08
  • Zuletzt bearbeitet 21.11.2024 07:41:01

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the w...

7.5

CVE-2023-20262

  • EPSS 0.32%
  • Veröffentlicht 27.09.2023 18:15:11
  • Zuletzt bearbeitet 21.11.2024 07:41:01

A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from contin...

5.5

CVE-2023-20253

  • EPSS 0.01%
  • Veröffentlicht 27.09.2023 18:15:11
  • Zuletzt bearbeitet 21.11.2024 07:41:00

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edg...

9.8

CVE-2023-20252

  • EPSS 1.01%
  • Veröffentlicht 27.09.2023 18:15:11
  • Zuletzt bearbeitet 21.11.2024 07:40:59

A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This vulnerability...

6.5

CVE-2020-26065

  • EPSS 0.28%
  • Veröffentlicht 04.08.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 05:19:08

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerabilit...

8.1

CVE-2020-26064

  • EPSS 0.09%
  • Veröffentlicht 04.08.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 05:19:07

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML Ext...

9.1

CVE-2023-20214

  • EPSS 0.15%
  • Veröffentlicht 03.08.2023 22:15:11
  • Zuletzt bearbeitet 21.11.2024 07:40:54

A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco...

6

CVE-2023-20098

  • EPSS 0.08%
  • Veröffentlicht 09.05.2023 18:15:11
  • Zuletzt bearbeitet 21.11.2024 07:40:32

A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. This vulnerability is due to improper filtering of directory traversal character sequences within system commands. A...

5.3

CVE-2022-20830

  • EPSS 0.27%
  • Veröffentlicht 10.10.2022 21:15:10
  • Zuletzt bearbeitet 21.11.2024 06:43:38

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerab...