Vulnerabilities > Cisco > SD WAN Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-19 | CVE-2020-3264 | Classic Buffer Overflow vulnerability in Cisco Sd-Wan Firmware A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 7.1 |
| 2020-03-19 | CVE-2019-16012 | SQL Injection vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.1 |
| 2020-01-26 | CVE-2020-3115 | Improper Privilege Management vulnerability in Cisco Sd-Wan Firmware 18.4.1/19.1.0 A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. | 8.8 |
| 2020-01-26 | CVE-2019-12629 | OS Command Injection vulnerability in Cisco Sd-Wan Firmware A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. | 7.2 |
| 2019-06-20 | CVE-2019-1626 | Incorrect Authorization vulnerability in Cisco Sd-Wan Firmware A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected vManage device. | 8.8 |
| 2019-06-20 | CVE-2019-1625 | Unspecified vulnerability in Cisco Sd-Wan Firmware A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. | 7.8 |