Cisco sd-wan vmanage

This hub aggregates every CVE we track for Cisco sd-wan vmanage, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Cisco sd-wan vmanage.

• CVE-2023-20261A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to imp...6.5Oct 18, 2023
• CVE-2023-20179A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This ...4.3Sep 27, 2023
• CVE-2023-20252A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the ap...9.8Sep 27, 2023
• CVE-2023-20262A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This ...5.3Sep 27, 2023
• CVE-2023-20034Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to access the Elasticsearch configuration database of an aff...7.5Sep 27, 2023
• CVE-2023-20253A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll ...7.1Sep 27, 2023
• CVE-2023-20254A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being manag...7.2Sep 27, 2023
• CVE-2020-26064A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The...8.1Aug 4, 2023
• CVE-2020-26065A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sens...6.5Aug 4, 2023
• CVE-2023-20214A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write ...9.1Aug 3, 2023
• CVE-2023-20098A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. This vulnerability is due to improper filtering of directory tr...4.4May 9, 2023
• CVE-2023-20113Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability6.5Mar 23, 2023
• CVE-2022-20830Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability5.3Oct 10, 2022
• CVE-2022-20930Cisco SD-WAN Software Arbitrary File Corruption Vulnerability6.7Sep 30, 2022
• CVE-2022-20844Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password Vulnerability5.3Sep 30, 2022