5 matches found
VulnCheck KEV: CVE-2025-34026
Versa Concerto SD-WAN orchestration platform contains an improper authentication vulnerability in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs...
CVE-2025-34025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape can be used to trigger remote code execution or direct hos...
PT-2025-22440
Name of the Vulnerable Software and Affected Versions Versa Concerto versions 12.1.2 through 12.2.0 Description The Versa Concerto SD-WAN orchestration platform has an authentication bypass issue in the Traefik reverse proxy configuration. This allows an attacker to access administrative endpoint...
PT-2025-22441
Name of the Vulnerable Software and Affected Versions Versa Concerto versions 12.1.2 through 12.2.0 Description The Versa Concerto SD-WAN orchestration platform contains a flaw in the Traefik reverse proxy configuration that allows an attacker to bypass authentication and access administrative...
PT-2025-22439
Name of the Vulnerable Software and Affected Versions Versa Concerto SD-WAN orchestration platform versions 12.1.2 through 12.2.0 Description The Versa Concerto SD-WAN orchestration platform is vulnerable to a privileges escalation and container escape vulnerability caused by unsafe default...