Cisco Ios Xe Catalyst Sd-Wan vulnerabilities
5 known vulnerabilities affecting cisco/cisco_ios_xe_catalyst_sd-wan.
Total CVEs
5
CISA KEV
1
actively exploited
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-20352HIGHCVSS 7.7KEVv16.9.1v16.9.2+19 more2025-09-24
CVE-2025-20352 [HIGH] CWE-121 CVE-2025-20352: A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:
An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS,
cvelistv5nvd
CVE-2025-20151MEDIUMCVSS 4.3v16.10.6v16.12.3+28 more2025-05-07
CVE-2025-20151 [MEDIUM] CWE-16 CVE-2025-20151: A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) f
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is remo
cvelistv5nvd
CVE-2022-20655HIGHCVSS 8.8vN/A2024-11-15
CVE-2022-20655 [HIGH] CWE-78 CVE-2022-20655: A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an au
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack.
The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of
cvelistv5nvd
CVE-2024-20373MEDIUMCVSS 5.3v16.10.6v16.12.3+18 more2024-11-15
CVE-2024-20373 [MEDIUM] CWE-284 CVE-2024-20373: A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access c
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.
This vulnerability exists because
cvelistv5nvd
CVE-2024-20455HIGHCVSS 8.6v17.5.1av17.6.1a+12 more2024-09-25
CVE-2024-20455 [HIGH] CWE-371 CVE-2024-20455: A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability exists because UTD improperly handles certain packets as th
cvelistv5nvd