20.6.7

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-25	CVE-2024-20475	Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. network low complexity cisco CWE-79	5.4
2023-09-27	CVE-2023-20262	Unspecified vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. network low complexity cisco	7.5