SD-WAN
CVEs (12)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-2049 | 0.00 | — | 0.00 | Mar 12, 2024 | Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP. | |||
| CVE-2022-27506 | 0.00 | — | 0.00 | Apr 13, 2022 | Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI | |||
| CVE-2021-1241 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2021-1261 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1262 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1263 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1273 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2021-1274 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2021-1278 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||
| CVE-2021-1298 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1299 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these… | |||
| CVE-2021-1300 | 0.00 | — | 0.01 | Jan 20, 2021 | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. |
- CVE-2024-2049Mar 12, 2024risk 0.00cvss —epss 0.00
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP.
- CVE-2022-27506Apr 13, 2022risk 0.00cvss —epss 0.00
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI
- CVE-2021-1241Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2021-1261Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1262Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1263Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1273Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2021-1274Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2021-1278Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
- CVE-2021-1298Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1299Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these…
- CVE-2021-1300Jan 20, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.