Cisco Catalyst Sd-Wan Manager vulnerabilities

CVE-2021-1480 [HIGH] CWE-119 CVE-2021-1480: Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote att Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2021-1137 [HIGH] CWE-119 CVE-2021-1137: Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote att Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2020-3579 [MEDIUM] CWE-79 CVE-2020-3579: A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow a A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could explo

CVE-2020-3592 [MEDIUM] CWE-284 CVE-2020-3592: A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow a A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system. The vulnerability is due to insufficient authorization checking on an affected system. An attacker could exploit this vulnerability by sending c

CVE-2020-3590 [MEDIUM] CWE-79 CVE-2020-3590: A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could all A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnera

CVE-2020-3587 [MEDIUM] CWE-79 CVE-2020-3587: A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could all A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnera

CVE-2020-3591 [MEDIUM] CWE-79 CVE-2020-3591: A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could all A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exp