Every CVE whose affected-product data names Cisco Sd-wan Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (41)
CVE-2021-1300 — CVSS 9.8 (critical): Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected…
CVE-2021-1301 — CVSS 9.8 (critical): Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected…
CVE-2020-3387 — CVSS 8.8 (high): A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to execute code with root privileges on an…
CVE-2021-1305 — CVSS 8.8 (high): Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote…
CVE-2019-1626 — CVSS 8.8 (high): A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain…
CVE-2021-1299 — CVSS 8.8 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an…
CVE-2020-3115 — CVSS 8.8 (high): A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges…
CVE-2020-3381 — CVSS 8.8 (high): A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct…
CVE-2021-1298 — CVSS 8.8 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an…
CVE-2021-1273 — CVSS 8.6 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS)…
CVE-2021-1279 — CVSS 8.6 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS)…
CVE-2021-1241 — CVSS 8.6 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS)…
CVE-2020-3351 — CVSS 8.6 (high): A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS)…
CVE-2021-1278 — CVSS 8.6 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS)…
CVE-2021-1274 — CVSS 8.6 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS)…
CVE-2019-16012 — CVSS 8.1 (high): A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL…
CVE-2020-3265 — CVSS 7.8 (high): A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the…
CVE-2019-1625 — CVSS 7.8 (high): A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the…
CVE-2020-3266 — CVSS 7.8 (high): A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that…
CVE-2020-3379 — CVSS 7.8 (high): A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on…
CVE-2020-3388 — CVSS 7.8 (high): A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that…
CVE-2021-1260 — CVSS 7.8 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an…
CVE-2021-1261 — CVSS 7.8 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an…
CVE-2021-1262 — CVSS 7.8 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an…
CVE-2021-1263 — CVSS 7.8 (high): Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an…
CVE-2020-3369 — CVSS 7.5 (high): A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to…
CVE-2020-3405 — CVSS 7.3 (high): A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access…
CVE-2019-12629 — CVSS 7.2 (high): A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary…
CVE-2020-3264 — CVSS 7.1 (high): A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected…
CVE-2020-3437 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…
CVE-2020-3385 — CVSS 6.5 (medium): A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker…
CVE-2019-16002 — CVSS 6.5 (medium): A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to…
CVE-2020-3372 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…
CVE-2019-12619 — CVSS 6.5 (medium): A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the…
CVE-2020-3401 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…
CVE-2019-1951 — CVSS 5.8 (medium): A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and…
CVE-2020-3406 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…
CVE-2020-3468 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…
CVE-2019-16010 — CVSS 4.8 (medium): A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site…
CVE-2021-1233 — CVSS 4.4 (medium): A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information on an…
CVE-2020-3378 — CVSS 4.3 (medium): A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…