|
200421
|
9.9 |
CRITICAL
Network
|
cisco
|
sd-wan
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive informa…
|
CWE-863
Incorrect Authorization
|
CVE-2020-3374
|
2024-11-21 14:30 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200422
|
7.8 |
HIGH
Local
|
cisco
|
sd-wan_firmware
vbond_orchestrator
vsmart_controller
|
A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to i…
|
CWE-20
Improper Input Validation
|
CVE-2020-3379
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200423
|
5.8 |
MEDIUM
Network
|
cisco
|
email_security_appliance
|
A vulnerability in URL filtering of Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to bypass URL filtering on an affected device. The vulnerability …
|
CWE-20
Improper Input Validation
|
CVE-2020-3370
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200424
|
5.4 |
MEDIUM
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user …
|
CWE-79
Cross-site Scripting
|
CVE-2020-3406
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200425
|
7.3 |
HIGH
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vul…
|
CWE-611
XXE
|
CVE-2020-3405
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200426
|
6.5 |
MEDIUM
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensit…
|
CWE-22
Path Traversal
|
CVE-2020-3401
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200427
|
7.8 |
HIGH
Local
|
cisco
|
sd-wan_firmware
|
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due …
|
CWE-287
Improper Authentication
|
CVE-2020-3388
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200428
|
8.8 |
HIGH
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to execute code with root privileges on an affected system. The vulnerability is due to insufficient inp…
|
-
|
CVE-2020-3387
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200429
|
6.5 |
MEDIUM
Adjacent
|
cisco
|
sd-wan_firmware
vedge_cloud_router
|
A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected …
|
NVD-CWE-noinfo
|
CVE-2020-3385
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200430
|
8.8 |
HIGH
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access …
|
CWE-22
Path Traversal
|
CVE-2020-3381
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
