Vulnerabilities > Cisco > IOS XE SD WAN > 16.10.0

DATE CVE VULNERABILITY TITLE RISK
2022-09-30 CVE-2022-20850 Improper Input Validation vulnerability in Cisco products
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device.
local
low complexity
cisco CWE-20
7.1
7.1
2021-09-23 CVE-2021-34724 Unspecified vulnerability in Cisco IOS XE Sd-Wan
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user.
local
low complexity
cisco
6.0
6.0
2021-09-23 CVE-2021-34729 OS Command Injection vulnerability in Cisco IOS XE and IOS XE Sd-Wan
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device.
local
low complexity
cisco CWE-78
6.7
6.7
2020-06-03 CVE-2020-3216 Improper Authentication vulnerability in Cisco IOS XE Sd-Wan
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device.
low complexity
cisco CWE-287
6.8
6.8