Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-16 | CVE-2020-3388 | Improper Authentication vulnerability in Cisco Sd-Wan Firmware A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.8 |
| 2020-07-16 | CVE-2020-3387 | Improper Input Validation vulnerability in Cisco Sd-Wan Firmware A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to execute code with root privileges on an affected system. | 8.8 |
| 2020-07-16 | CVE-2020-3381 | Path Traversal vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access to sensitive files on a targeted system. | 8.8 |
| 2020-07-16 | CVE-2020-3380 | Argument Injection or Modification vulnerability in Cisco Data Center Network Manager A vulnerability in the CLI of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system. | 7.8 |
| 2020-07-16 | CVE-2020-3379 | Improper Input Validation vulnerability in Cisco products A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. | 7.8 |
| 2020-07-16 | CVE-2020-3369 | Unspecified vulnerability in Cisco Sd-Wan Firmware and Vedge Cloud Router A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2020-07-16 | CVE-2020-3358 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. | 8.6 |
| 2020-07-16 | CVE-2020-3351 | Resource Exhaustion vulnerability in Cisco products A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2020-07-16 | CVE-2020-3332 | OS Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. | 8.8 |
| 2020-07-16 | CVE-2020-3180 | Insufficiently Protected Credentials vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. | 7.8 |