SD-WAN
CVEs (28)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-12989 | 0.22 | — | 0.94 | KEV | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. | ||
| CVE-2019-12991 | 0.21 | — | 0.74 | KEV | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6). | ||
| CVE-2019-12985 | 0.07 | — | 0.43 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6). | |||
| CVE-2019-12986 | 0.07 | — | 0.40 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6). | |||
| CVE-2019-12987 | 0.07 | — | 0.44 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6). | |||
| CVE-2019-12988 | 0.07 | — | 0.43 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6). | |||
| CVE-2019-12990 | 0.07 | — | 0.39 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal. | |||
| CVE-2024-2049 | 0.00 | — | 0.00 | Mar 12, 2024 | Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP. | |||
| CVE-2022-27506 | 0.00 | — | 0.01 | Apr 13, 2022 | Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI | |||
| CVE-2021-1241 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2021-1261 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1262 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1263 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1273 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2021-1274 | 0.00 | — | 0.02 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2021-1278 | 0.00 | — | 0.02 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2021-1298 | 0.00 | — | 0.02 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1299 | 0.00 | — | 0.02 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1300 | 0.00 | — | 0.02 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2020-8246 | 0.00 | — | 0.02 | Sep 18, 2020 | Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before… |
- risk 0.22cvss —epss 0.94
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
- risk 0.21cvss —epss 0.74
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).
- CVE-2019-12985Jul 16, 2019risk 0.07cvss —epss 0.43
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).
- CVE-2019-12986Jul 16, 2019risk 0.07cvss —epss 0.40
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).
- CVE-2019-12987Jul 16, 2019risk 0.07cvss —epss 0.44
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
- CVE-2019-12988Jul 16, 2019risk 0.07cvss —epss 0.43
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
- CVE-2019-12990Jul 16, 2019risk 0.07cvss —epss 0.39
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
- CVE-2024-2049Mar 12, 2024risk 0.00cvss —epss 0.00
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP.
- CVE-2022-27506Apr 13, 2022risk 0.00cvss —epss 0.01
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI
- CVE-2021-1241Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2021-1261Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1262Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1263Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1273Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2021-1274Jan 20, 2021risk 0.00cvss —epss 0.02
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2021-1278Jan 20, 2021risk 0.00cvss —epss 0.02
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2021-1298Jan 20, 2021risk 0.00cvss —epss 0.02
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1299Jan 20, 2021risk 0.00cvss —epss 0.02
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1300Jan 20, 2021risk 0.00cvss —epss 0.02
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2020-8246Sep 18, 2020risk 0.00cvss —epss 0.02
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before…
Page 1 of 2