Vulnerabilities > Cisco > Catalyst SD WAN Manager > 17.2.8

DATE CVE VULNERABILITY TITLE RISK
2023-10-18 CVE-2023-20261 Unspecified vulnerability in Cisco Catalyst Sd-Wan Manager
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI.
network
low complexity
cisco
6.5
6.5
2023-08-04 CVE-2020-26064 XXE vulnerability in Cisco Catalyst Sd-Wan Manager
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files.
network
low complexity
cisco CWE-611
8.1
8.1
2023-08-04 CVE-2020-26065 Path Traversal vulnerability in Cisco Catalyst Sd-Wan Manager
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests.
network
low complexity
cisco CWE-22
6.5
6.5
2021-05-06 CVE-2021-1513 Improper Input Validation vulnerability in Cisco products
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
7.5
7.5