|
202011
|
5.4 |
MEDIUM
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user …
|
CWE-79
Cross-site Scripting
|
CVE-2020-3406
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202012
|
7.3 |
HIGH
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vul…
|
CWE-611
XXE
|
CVE-2020-3405
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202013
|
6.5 |
MEDIUM
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensit…
|
CWE-22
Path Traversal
|
CVE-2020-3401
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202014
|
7.8 |
HIGH
Local
|
cisco
|
sd-wan_firmware
|
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due …
|
CWE-287
Improper Authentication
|
CVE-2020-3388
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202015
|
8.8 |
HIGH
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to execute code with root privileges on an affected system. The vulnerability is due to insufficient inp…
|
-
|
CVE-2020-3387
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202016
|
6.5 |
MEDIUM
Adjacent
|
cisco
|
sd-wan_firmware
vedge_cloud_router
|
A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected …
|
NVD-CWE-noinfo
|
CVE-2020-3385
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202017
|
8.8 |
HIGH
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access …
|
CWE-22
Path Traversal
|
CVE-2020-3381
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202018
|
7.8 |
HIGH
Local
|
cisco
|
data_center_network_manager
|
A vulnerability in the CLI of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to elevate privileges to root and execute arbitrary commands on the underlying oper…
|
CWE-88
Argument Injection
|
CVE-2020-3380
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202019
|
4.3 |
MEDIUM
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitr…
|
CWE-89
SQL Injection
|
CVE-2020-3378
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202020
|
6.5 |
MEDIUM
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-3372
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
