Versa-networks Versa Director — known CVE vulnerabilities
Every CVE whose affected-product data names Versa-networks Versa Director, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2019-25029 — CVSS 9.8 (critical): In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via…
CVE-2025-23168 — CVSS 6.3 (medium): The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using One-Time Passcodes (OTP) delivered via…
CVE-2021-39285 — CVSS 6.1 (medium): A XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8. An attacker can use the administration web interface URL to create…
CVE-2019-25030 — CVSS 5.5 (medium): In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation…
CVE-2018-16498 — CVSS 5.5 (medium): In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These…