Vulnerabilities > Cisco > SD WAN Vbond Orchestrator
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-30 | CVE-2022-20775 | Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. | 7.8 |
| 2022-09-30 | CVE-2022-20818 | Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. | 7.8 |
| 2022-09-30 | CVE-2022-20850 | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. | 7.1 |
| 2022-09-30 | CVE-2022-20930 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. | 6.7 |
| 2022-04-15 | CVE-2022-20716 | Unspecified vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. | 7.8 |
| 2021-09-23 | CVE-2021-1546 | Information Exposure Through an Error Message vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. | 5.5 |
| 2021-06-04 | CVE-2021-1528 | Execution with Unnecessary Privileges vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. | 7.8 |
| 2021-05-06 | CVE-2021-1512 | Files or Directories Accessible to External Parties vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. | 6.0 |
| 2021-05-06 | CVE-2021-1513 | Improper Input Validation vulnerability in Cisco products A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2021-05-06 | CVE-2021-1514 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. | 7.8 |