Citrix Sd-Wan 400 Firmware vulnerabilities

2 known vulnerabilities affecting citrix/sd-wan_400_firmware.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM1LOW1

Vulnerabilities

Page 1 of 1

CVE-2024-2049MEDIUMCVSS 5.3≥ 11.4.0, < 11.4.4.462024-03-12

CVE-2024-2049 [MEDIUM] CWE-918 CVE-2024-2049: Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP.

CVE-2022-27506LOWCVSS 2.7fixed in 11.4.12022-04-13

CVE-2022-27506 [LOW] CWE-798 CVE-2022-27506: Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI