Vulnerabilities > Cisco > SD WAN Vmanage

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-1486 Unspecified vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts.
network
low complexity
cisco
5.3
2021-05-06 CVE-2021-1505 Missing Authorization vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.
network
low complexity
cisco CWE-862
8.8
2021-05-06 CVE-2021-1506 Missing Authorization vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.
network
low complexity
cisco CWE-862
7.2
2021-05-06 CVE-2021-1507 Cross-site Scripting vulnerability in Cisco Sd-Wan Vmanage
A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application web-based interface.
network
low complexity
cisco CWE-79
5.4
2021-05-06 CVE-2021-1508 Missing Authorization vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.
network
low complexity
cisco CWE-862
8.8
2021-05-06 CVE-2021-1512 Unspecified vulnerability in Cisco products
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system.
local
low complexity
cisco
6.0
2021-05-06 CVE-2021-1514 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system.
local
low complexity
cisco CWE-78
7.8
2021-05-06 CVE-2021-1515 Unspecified vulnerability in Cisco Sd-Wan Vmanage
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information.
low complexity
cisco
4.3
2021-05-06 CVE-2021-1535 Unspecified vulnerability in Cisco Sd-Wan Vmanage
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.
network
low complexity
cisco
5.3
2021-04-08 CVE-2021-1480 Improper Input Validation vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system.
local
low complexity
cisco CWE-20
7.8