Lucene search
K

84 matches found

NVD
NVD
added 2024/11/18 4:15 p.m.11 views

CVE-2021-1465

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP...

4.3CVSS0.01132EPSS
Exploits0References1
NVD
NVD
added 2024/11/18 4:15 p.m.6 views

CVE-2021-1232

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for sensitive information that ...

6.5CVSS0.01064EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/11/18 3:57 p.m.18 views

CVE-2020-26073 Cisco SD-WAN vManage Directory Traversal Vulnerability

A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests to application...

7.5CVSS0.12062EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/18 3:45 p.m.13 views

CVE-2021-1234 Cisco SD-WAN vManage Information Disclosure Vulnerabilities

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode. This vulnerability is due t...

5.3CVSS5.3AI score0.00765EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/18 3:40 p.m.6 views

CVE-2021-1232 Cisco SD-WAN vManage Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for sensitive information that ...

6.5CVSS6.6AI score0.01064EPSS
Exploits0References4
NVD
NVD
added 2024/11/15 5:15 p.m.9 views

CVE-2021-1483

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. This vulnerability is due to improper handling of XML External Entity XXE entries when the affected...

6.4CVSS0.00859EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/15 4:37 p.m.10 views

CVE-2021-1481 Cisco SD-WAN vManage Cypher Query Language Injection Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

4.3CVSS7.2AI score0.00818EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/15 4:27 p.m.10 views

CVE-2021-1483 Cisco SD-WAN vManage Software XML External Entity Vulnerability

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. This vulnerability is due to improper handling of XML External Entity XXE entries when the affected...

6.4CVSS6.9AI score0.00859EPSS
Exploits0References3
CNVD
CNVD
added 2023/10/07 12:0 a.m.6 views

Access Control Error Vulnerability in Cisco SD-WAN vManage

Cisco SD-WAN vManage is a highly customizable dashboard from Cisco, Inc. that simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. An access control error vulnerability exists in Cisco SD-WAN vManage that stems from improperly enforced access control ...

7.1CVSS6.6AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2023/08/04 9:15 p.m.50 views

CVE-2020-26065

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP...

6.5CVSS6.3AI score0.01705EPSS
Exploits0References1
Prion
Prion
added 2023/08/04 9:15 p.m.15 views

Path traversal

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP...

4CVSS6.2AI score0.01705EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/08/03 10:15 p.m.45 views

CVE-2023-20214

A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance. This vulnerability is...

9.1CVSS9.4AI score0.00731EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.4 views

Cisco SD-WAN vManage 路径遍历漏洞

Cisco SD-WAN vManage is a highly customizable dashboard from Cisco, Inc. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. A security vulnerability exists in Cisco SD-WAN vManage that stems from improper filtering of directory traversal characte...

6CVSS6.3AI score0.00514EPSS
Exploits0References4
NVD
NVD
added 2023/03/23 5:15 p.m.25 views

CVE-2023-20113

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

8.1CVSS7.3AI score0.00261EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.24 views

Cisco SD-WAN vManage Software XSRF (cisco-sa-vman-csrf-76RDbLEh)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an...

8.1CVSS7.7AI score0.00261EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2022/09/08 3:48 a.m.225 views

Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products

Cisco on Wednesday rolled out patches to address three security flaws affecting its products, including a high-severity weakness disclosed in NVIDIA Data Plane Development Kit MLNXDPDK late last month. Tracked as CVE-2022-28199 CVSS score: 8.6, the vulnerability stems from a lack of proper error...

9.8CVSS0.3AI score0.0188EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/07 12:0 a.m.3 views

PT-2022-4706 · Cisco · Cisco Sd-Wan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage Software affected versions not specified Description: A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0...

8.8CVSS8.4AI score0.00342EPSS
Exploits0References7
OSV
OSV
added 2022/05/04 5:15 p.m.5 views

CVE-2022-20734

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerabilit...

4.4CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2022/04/15 3:15 p.m.20 views

CVE-2022-20735

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

6.5CVSS0.00467EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/04/15 4:5 a.m.48 views

Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software

Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller WLC that could be abused by an unauthenticated, remote attacker to take control of an affected system. Tracked as CVE-2022-20695, the issue has been rated 10 out of 10 for severity and...

0.9AI score0.1986EPSS
Exploits0
Rows per page
Query Builder