Vulnerabilities > Cisco > IOS XE SD WAN

DATE CVE VULNERABILITY TITLE RISK
2021-03-24 CVE-2021-1454 Argument Injection or Modification vulnerability in Cisco IOS XE and IOS XE Sd-Wan
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges.
local
low complexity
cisco CWE-88
6.7
6.7
2021-03-24 CVE-2021-1432 Injection vulnerability in Cisco IOS XE and IOS XE Sd-Wan
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user.
local
low complexity
cisco CWE-74
7.3
7.3
2021-03-24 CVE-2021-1383 Argument Injection or Modification vulnerability in Cisco IOS XE
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges.
local
low complexity
cisco CWE-88
6.7
6.7
2021-01-20 CVE-2021-1241 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-119
7.5
7.5
2021-01-20 CVE-2021-1305 Incorrect Authorization vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access.
network
low complexity
cisco CWE-863
4.3
4.3
2021-01-20 CVE-2021-1301 Improper Input Validation vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device.
network
low complexity
cisco CWE-20
critical
 9.8
9.8
2021-01-20 CVE-2021-1300 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device.
network
low complexity
cisco CWE-119
critical
 9.8
9.8
2021-01-20 CVE-2021-1279 Improper Input Validation vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-20
8.6
8.6
2021-01-20 CVE-2021-1278 Link Following vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-59
7.5
7.5
2021-01-20 CVE-2021-1274 NULL Pointer Dereference vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-476
8.6
8.6