Every CVE whose affected-product data names Cisco Sd-wan, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2020-3374 — CVSS 9.9 (critical): A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…
CVE-2018-15387 — CVSS 9.8 (critical): A vulnerability in the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass certificate validation on an…
CVE-2020-3375 — CVSS 9.8 (critical): A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected…
CVE-2019-1624 — CVSS 8.8 (high): A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject…
CVE-2019-1650 — CVSS 8.8 (high): A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying…
CVE-2019-1647 — CVSS 8.0 (high): A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct…
CVE-2020-3595 — CVSS 7.8 (high): A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying…
CVE-2019-1646 — CVSS 7.8 (high): A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and…
CVE-2019-1648 — CVSS 7.8 (high): A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated…
CVE-2020-3180 — CVSS 7.8 (high): A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an…
CVE-2020-3593 — CVSS 7.8 (high): A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying…
CVE-2020-3594 — CVSS 7.8 (high): A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying…
CVE-2020-3600 — CVSS 7.8 (high): A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying…
CVE-2022-20716 — CVSS 7.8 (high): A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This…
CVE-2022-20818 — CVSS 7.8 (high): Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges…
CVE-2023-20034 — CVSS 7.5 (high): Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to…
CVE-2021-34726 — CVSS 6.7 (medium): A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be…
CVE-2022-20930 — CVSS 6.7 (medium): A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on…
CVE-2023-20113 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to…
CVE-2021-1589 — CVSS 6.5 (medium): A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain…
CVE-2020-27128 — CVSS 6.5 (medium): A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write…
CVE-2021-1612 — CVSS 5.5 (medium): A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the…
CVE-2022-20850 — CVSS 5.5 (medium): A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local…
CVE-2020-3536 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…
CVE-2021-1614 — CVSS 5.3 (medium): A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an…
CVE-2022-20844 — CVSS 5.3 (medium): A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could…