CVE-2025-20339 Cisco SD-WAN vEdge Software Access Control List Bypass Vulnerability

A vulnerability in the access control list ACL processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the improper enforcement of the implicit deny all at the end of a configured ACL. An...

CVE-2025-20187

A vulnerability in the application data endpoints of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to improper validation of requests to APIs. An attacker could...

Cisco SD-WAN vManage 授权问题漏洞

Cisco SD-WAN vManage is a highly customizable dashboard from Cisco, Inc. that simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. Cisco SD-WAN vManage suffers from an input validation error vulnerability that stems from insufficient request validatio...

The vulnerability of the Cisco Software-Defined Application Visibility and Control (SD-AVC) function in the centralized network management system, the Cisco Catalyst SD-WAN Manager, allows a intruder to gain unauthorized access to the system.

The vulnerability of the Cisco Software-Defined Application Visibility and Control SD-AVC function in the centralized network management system, Cisco Catalyst SD-WAN Manager, is related to the lack of authentication for this critical function. Exploiting this vulnerability could allow a maliciou...

Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password (cisco-sa-sdavc-ZA5fpXX2)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control SD-AVC on Cisco vManage could allow an unauthenticated, remote attacker to access the GU...

The vulnerability of the CLI component of Cisco SD-WAN microprogramming software allows a hacker to enhance their privileges.

The vulnerability of the CLI component of Cisco SD-WAN microprogramming software is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges by modifying certain files on the vulnerable device...

The vulnerability of the emergency recovery function of the Cisco SD-WAN vManage centralized system allows a intruder to gain unauthorized access to the device.

The vulnerability of the emergency recovery function of the Cisco SD-WAN vManage centralized system management platform is related to insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the...

The vulnerability of the web interface of Cisco SD-WAN microprogramming software allows a hacker to obtain confidential information.

The vulnerability of the web interface of Cisco SD-WAN microprogramming software exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information through a specially crafted HTTP request...

Cisco SD-WAN vManage Software 安全漏洞

Cisco SD-WAN Solution is a set of network extension solutions from Cisco, of which vManage is the console. vManage Software for Cisco SD-WAN is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to read arbitrary files on the underlying file system of the...

Cisco SD-WAN Software 安全漏洞

Cisco SD-WAN is a highly secure cloud-scale architecture that is open, programmable, and scalable from Cisco USA. A security vulnerability exists in the Cisco SD-WAN Software that allows an authenticated, local attacker to gain elevated privileges on an affected system...

The vulnerability of the vDaemon process in the programmatically defined Cisco SD-WAN network allows a attacker to trigger a service failure.

The vulnerability of the vDaemon process in Cisco SD-WAN is due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the programmatically defined Cisco SD-WAN network component allows a attacker to trigger a service failure.

The vulnerability of the programmatically defined Cisco SD-WAN API component is related to resource management errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Cisco SD-WAN vManage 安全漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. An information disclosure vulnerability exists in the cluster management interface of Cisco SD-WAN vManage versions prior to 20.5.1. The...

Cisco SD-WAN vManage 后置链接漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. Cisco SD-WAN vManage suffers from a backlink vulnerability that stems from an insufficient file range restriction. An attacker could exploit...

Cisco SD-WAN vManage 代码问题漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A code issue vulnerability exists in Cisco SD-WAN vManage Software, which could be exploited by an attacker to read or write files in an...

Cisco SD-WAN vManage 输入验证错误漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. Cisco SD-WAN vManage Software has an input validation error vulnerability that originates as a result of insufficient authorization checks. ...

The vulnerability of the programmatically defined network management function in Cisco SD-WAN allows a attacker to execute arbitrary code with root privileges.

The vulnerability of the programmatically defined Cisco SD-WAN remote management function is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code with root privileges...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the vManage web interface of the Cisco SD-WAN software-defined network is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the command-line interface (CLI) of the vManage web interface for programmatically defined Cisco SD-WAN networks allows a attacker to compromise the integrity of protected information.

The vulnerability of the command-line interface CLI of the vManage web interface for the Cisco SD-WAN network is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a attacker to execute arbitrary SQL queries.

The vulnerability in the vManage web interface of the Cisco SD-WAN program-defined network is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...