Lucene search
K

1679 matches found

CVE
CVE
added 2026/03/25 4:9 p.m.74 views

CVE-2026-20108

The CVE-2026-20108 affects Cisco Catalyst SD-WAN Manager’s web-based management interface. The issue is insufficient validation of user input , enabling an authenticated, remote attacker to entice a user to click a crafted link and trigger cross-site scripting . Successful exploitation could exec...

5.4CVSS6AI score0.00162EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/25 4:5 p.m.1 views

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

6.1CVSS6.2AI score0.00162EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:5 p.m.54 views

CVE-2026-20104

Cisco IOS XE bootloader vulnerability (CVE-2026-20104) affects Catalyst 9200 series, ESS9300 Embedded, IE9310/IE9320 Rugged, and IE3500/IE3505 Rugged switches. Root cause: insufficient validation of boot-time software, allowing manipulation of loaded binaries to bypass boot-time integrity checks ...

6.1CVSS6.2AI score0.00162EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:2 p.m.1 views

CVE-2026-20086

A vulnerability in the processing of Control and Provisioning of Wireless Access Points CAPWAP packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...

8.6CVSS5.8AI score0.00354EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:2 p.m.83 views

CVE-2026-20086

Cisco IOS XE Wireless Controller Software (Catalyst CW9800 Family) is affected by a DoS vulnerability in CAPWAP packet processing. An unauthenticated, remote attacker can send a malformed CAPWAP packet to trigger an unexpected device reload, resulting in service disruption. Root cause: improper h...

8.6CVSS5.9AI score0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:2 p.m.30 views

CVE-2026-20086

A vulnerability in the processing of Control and Provisioning of Wireless Access Points CAPWAP packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...

8.6CVSS0.00354EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:2 p.m.1 views

CVE-2026-20084

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

8.6CVSS5.8AI score0.00354EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:2 p.m.87 views

CVE-2026-20084

CVE-2026-20084 describes a vulnerability in the DHCP snooping feature of Cisco IOS XE Software affecting Cisco Catalyst 9000 Series switches. The issue arises from improper handling of BOOTP packets, which could allow an unauthenticated remote attacker to forward BOOTP packets between VLANs. The ...

8.6CVSS5.8AI score0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:2 p.m.32 views

CVE-2026-20084

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

8.6CVSS0.00354EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/25 4:0 p.m.24 views

Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

8.6CVSS5.8AI score0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.10 views

PT-2026-27790

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the DHCP snooping feature that may allow a remote attacker to forward BOOTP packets between VLANs, leading to a denial of service DoS. This is caused by imprope...

8.6CVSS5.9AI score0.00354EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Cisco多款产品 安全漏洞

The Cisco Catalyst 9200 Series Switches are switches produced by the American company Cisco. The Cisco Catalyst is a series of switches developed by Cisco. Several of Cisco’s products have security vulnerabilities. These vulnerabilities stem from insufficient software validation during startup,...

6.1CVSS6.2AI score0.00162EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.11 views

PT-2026-27791

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family affected versions not specified Description A flaw exists in how the software processes Control and Provisioning of Wireless Access Points CAPWAP packets. This could allo...

8.6CVSS5.9AI score0.00354EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.9 views

PT-2026-27792

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches Cisco Catalyst ESS9300 Embedded Series Switches Cisco Catalyst IE9310 and IE9320 Rugged Series Switches Cisco IE3500 and IE3505 Rugged Series Switches Description A flaw exists in t...

6.1CVSS6.2AI score0.00162EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.5 views

Cisco IOS XE Software for Catalyst Rugged Series Switches Secure Boot Bypass (cisco-sa-xe-secureboot-bypass-B6uYxYSZ)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series...

6.1CVSS6.6AI score0.00162EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.4 views

Cisco Catalyst SD-WAN Manager XSS (cisco-sa-vmanage-xss-ZqkhP9W9)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

5.4CVSS6.3AI score0.00162EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.13 views

Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 跨站脚本漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by the American company Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. Cisco Catalyst SD-WAN Manager has a cross-site scripting vulnerability, which stems from...

5.4CVSS5.6AI score0.00162EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.14 views

PT-2026-27793

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A flaw exists in the web-based management interface that may allow a remote attacker with valid credentials to perform a cross-site scripting XSS attack against a user...

5.5CVSS6.2AI score0.00162EPSS
Exploits0References6
Rapid7 Blog
Rapid7 Blog
added 2026/03/11 3:52 p.m.11 views

Rapid7 Analysis: CVE-2026-20127

CVE-2026-20127: Cisco Catalyst SD-WAN Authentication Bypass Overview On 25th February 2026, Cisco published an advisory for CVE-2026-20127, a critical authentication bypass vulnerability in the vdaemon service of Cisco Catalyst SD-WAN formerly Viptela. The flaw allows an unauthenticated, remote...

10CVSS8.8AI score0.57793EPSS
Exploits10
NCSC
NCSC
added 2026/03/06 12:7 p.m.12 views

Vulnerabilities fixed in Cisco Catalyst SD-WAN Manager

Cisco has fixed several vulnerabilities in the Cisco Catalyst SD-WAN Manager. The vulnerabilities are in the peering authentication mechanisms of the Cisco Catalyst SD-WAN Controller and Manager products. These vulnerabilities allow an unauthenticated remote attacker to bypass the authentication...

10CVSS6.5AI score0.57793EPSS
Exploits11References3
Rows per page
Query Builder