Vulnerabilities > Cisco > Catalyst SD WAN Manager > 20.6.1.0.1

DATE CVE VULNERABILITY TITLE RISK
2024-09-25 CVE-2024-20475 Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input.
network
low complexity
cisco CWE-79
5.4
5.4
2023-09-27 CVE-2023-20262 Unspecified vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only.
network
low complexity
cisco
7.5
7.5
2022-09-30 CVE-2022-20775 Path Traversal vulnerability in Cisco products
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.
local
low complexity
cisco CWE-22
7.8
7.8
2022-05-04 CVE-2022-20734 Information Exposure vulnerability in Cisco Catalyst Sd-Wan Manager
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system.
local
low complexity
cisco CWE-200
4.4
4.4