Catalyst Sd-wan Manager@20.3.1 Security Vulnerabilities and Issues — Catalyst Sd-wan Manager@20.3.1 CVE List

Lucene search

CiscoCatalyst Sd-wan Manager20.3.1

9 matches found

CVE•added 2020/11/06 7:15 p.m.•79 views

CVE-2020-3592

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system. The vulnerability is due to insufficient authorization checking on an affected system. An ...

6.5CVSS6.8AI score0.00033EPSS

CVE•added 2023/10/18 5:15 p.m.•63 views

CVE-2023-20261

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability ...

6.5CVSS6.3AI score0.00143EPSS

CVE•added 2020/11/06 7:15 p.m.•61 views

CVE-2020-3579

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properl...

6.1CVSS5.9AI score0.00346EPSS

CVE•added 2020/11/06 7:15 p.m.•60 views

CVE-2020-3591

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not prope...

4.3CVSS4.6AI score0.00195EPSS

CVE•added 2020/11/06 7:15 p.m.•59 views

CVE-2020-3587

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. The vulnerability exists because the web-based management interface does not properly validate user...

6.4CVSS6AI score0.00186EPSS

CVE•added 2020/11/06 7:15 p.m.•59 views

CVE-2020-3590

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. The vulnerability exists because the web-based management interface does not properly validate user...

6.4CVSS6AI score0.00186EPSS

CVE•added 2023/08/04 9:15 p.m.•55 views

CVE-2020-26065

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system.The vulnerability is due to insufficient validation of HTTP requests...

6.5CVSS6.2AI score0.00278EPSS

CVE•added 2023/08/04 9:15 p.m.•54 views

CVE-2020-26064

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system.The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML ...

8.1CVSS7.9AI score0.00094EPSS

CVE•added 2024/11/15 5:15 p.m.•45 views

CVE-2021-1470

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.This vulnerability is due to improper input validation of SQL queries to an affected system. An attacker could ...

4.9CVSS5.6AI score0.00056EPSS