Vulnerabilities > Cisco > SD WAN Vmanage > 19.2.2

DATE CVE VULNERABILITY TITLE RISK
2020-11-06 CVE-2020-3587 Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user.
network
low complexity
cisco CWE-79
6.4
6.4
2020-11-06 CVE-2020-3579 Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
6.1
6.1
2020-11-06 CVE-2020-27129 Argument Injection or Modification vulnerability in Cisco Sd-Wan Vmanage
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges.
local
low complexity
cisco CWE-88
6.7
6.7