Cisco Sd-Wan vulnerabilities

CVE-2023-20034 [HIGH] CWE-798 CVE-2023-20034: Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could allow Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to access the Elasticsearch configuration database of an affected device with the privileges of the elasticsearch user. These vulnerability is due to the presence of a static username and password configured on the v

CVE-2023-20113 [MEDIUM] CWE-352 CVE-2023-20113: A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow a A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could

CVE-2022-20775 [HIGH] CWE-25 CVE-2022-20775: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit cou

CVE-2022-20818 [HIGH] CWE-25 CVE-2022-20818: Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local att Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful explo

CVE-2022-20850 [MEDIUM] CWE-22 CVE-2022-20850: A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software cou A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path in

CVE-2022-20930 [MEDIUM] CWE-88 CVE-2022-20930: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful

CVE-2022-20844 [MEDIUM] CWE-798 CVE-2022-20844: A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Con A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. This vulnerability exists because the GUI is accessible on self-managed cloud in

CVE-2022-20716 [HIGH] CWE-284 CVE-2022-20716: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could

CVE-2021-1612 [MEDIUM] CWE-61 CVE-2021-1612: A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local fi

CVE-2021-34726 [MEDIUM] CWE-77 CVE-2021-34726: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerabilit

CVE-2021-1589 [MEDIUM] CWE-256 CVE-2021-1589: A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an aut A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exists because access to API endpoints is not properly restricted. An attacker could exploit this vulnerability by sending a request to an API endpoint. A su

CVE-2021-1614 [MEDIUM] CWE-126 CVE-2021-1614: A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insufficient handling of malformed MPLS packets that are processed by a device that is running Cisco SD-WA

CVE-2020-3600 [HIGH] CWE-269 CVE-2020-3600: A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate pri A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI utility that is running on an affected system. A successful ex

CVE-2020-3594 [HIGH] CWE-269 CVE-2020-3594: A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate pri A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted options to a specific command. A successful exploit could allow the attacker t

CVE-2020-3593 [HIGH] CWE-269 CVE-2020-3593: A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate pri A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to a utility that is running on an affected system. A successful explo

CVE-2020-3595 [HIGH] CWE-269 CVE-2020-3595: A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate pri A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. The vulnerability is due to incorrect permissions being set when the affected command is executed. An attacker could exploit this vulnerability by executing the affected command on an affected syst

CVE-2020-27128 [MEDIUM] CWE-22 CVE-2020-27128: A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an au A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. The vulnerability is due to improper validation of requests to APIs. An attacker could exploit this vulnerability by sending malicious requests to an API within the affected a

CVE-2020-3536 [MEDIUM] CWE-79 CVE-2020-3536: A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow a A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit

CVE-2020-3374 [CRITICAL] CWE-285 CVE-2020-3374: A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow a A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system. The vulnerability is due to insufficient authorization checkin

CVE-2020-3375 [CRITICAL] CWE-119 CVE-2020-3375: A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to