Vulnerabilities > Cisco > SD WAN Vmanage > 20.4.1

DATE CVE VULNERABILITY TITLE RISK
2021-07-22 CVE-2021-34700 Insufficiently Protected Credentials vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system.
local
low complexity
cisco CWE-522
5.5
5.5
2021-05-06 CVE-2021-1507 Cross-site Scripting vulnerability in Cisco Sd-Wan Vmanage
A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application web-based interface.
network
low complexity
cisco CWE-79
5.4
5.4
2021-05-06 CVE-2021-1535 Exposure of System Data to an Unauthorized Control Sphere vulnerability in Cisco Sd-Wan Vmanage
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.
network
low complexity
cisco CWE-497
5.3
5.3