VYPR

SD-WAN vManage

by Cisco Systems, Inc.

CVEs (82)

  • CVE-2020-3591Nov 6, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management…

  • CVE-2020-3590Nov 6, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. The vulnerability exists because the web-based management interface does not…

  • CVE-2020-3587Nov 6, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. The vulnerability exists because the web-based management interface does not…

  • CVE-2020-3579Nov 6, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management…

  • CVE-2020-27129Nov 6, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. The vulnerability is due to improper validation of commands to the remote…

  • CVE-2020-27128Nov 6, 2020
    risk 0.00cvss epss 0.61

    A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. The vulnerability is due to improper validation of requests to APIs. An attacker could exploit this…

  • CVE-2020-3536Oct 8, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management…

  • CVE-2020-3374Jul 31, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the…

  • CVE-2020-3375Jul 31, 2020
    risk 0.00cvss epss 0.04

    A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic…

  • CVE-2020-3468Jul 16, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates…

  • CVE-2020-3437Jul 16, 2020
    risk 0.00cvss epss 0.03

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker…

  • CVE-2020-3406Jul 16, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management…

  • CVE-2020-3401Jul 16, 2020
    risk 0.00cvss epss 0.03

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient…

  • CVE-2020-3405Jul 16, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when…

  • CVE-2020-3388Jul 16, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability…

  • CVE-2020-3381Jul 16, 2020
    risk 0.00cvss epss 0.03

    A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access to sensitive files on a targeted system. The vulnerability is due to a lack of…

  • CVE-2020-3378Jul 16, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of…

  • CVE-2020-3372Jul 16, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient…

  • CVE-2020-3180Jul 16, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a…

  • CVE-2019-16010Mar 19, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient…

Page 4 of 5