Vulnerabilities > Cisco > SD WAN Vmanage
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-1486 | Information Exposure Through Discrepancy vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts. | 5.3 |
| 2021-05-06 | CVE-2021-1505 | Missing Authorization vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. | 8.8 |
| 2021-05-06 | CVE-2021-1506 | Missing Authorization vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. | 7.2 |
| 2021-05-06 | CVE-2021-1507 | Cross-site Scripting vulnerability in Cisco Sd-Wan Vmanage A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application web-based interface. | 5.4 |
| 2021-05-06 | CVE-2021-1508 | Missing Authorization vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. | 8.8 |
| 2021-05-06 | CVE-2021-1512 | Files or Directories Accessible to External Parties vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. | 6.0 |
| 2021-05-06 | CVE-2021-1514 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. | 7.8 |
| 2021-05-06 | CVE-2021-1515 | Unspecified vulnerability in Cisco Sd-Wan Vmanage A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. low complexity cisco | 4.3 |
| 2021-05-06 | CVE-2021-1535 | Exposure of System Data to an Unauthorized Control Sphere vulnerability in Cisco Sd-Wan Vmanage A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. | 5.3 |
| 2021-04-08 | CVE-2021-1480 | Improper Input Validation vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. | 7.8 |