19.2.99

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-23	CVE-2023-20113	Cross-Site Request Forgery (CSRF) vulnerability in Cisco Sd-Wan A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. network low complexity cisco CWE-352	8.1
2022-09-30	CVE-2022-20818	Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. local low complexity cisco CWE-22	7.8
2022-09-30	CVE-2022-20930	OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. local low complexity cisco CWE-78	6.7
2022-04-15	CVE-2022-20716	Unspecified vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. local low complexity cisco	7.8
2020-11-06	CVE-2020-3600	Incorrect Authorization vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. local low complexity cisco CWE-863	7.8
2020-11-06	CVE-2020-3595	Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. local low complexity cisco CWE-732	7.8
2020-11-06	CVE-2020-3594	Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. local low complexity cisco CWE-269	7.8
2020-11-06	CVE-2020-3593	Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. local low complexity cisco CWE-269	7.8
2020-11-06	CVE-2020-27128	Path Traversal vulnerability in Cisco Sd-Wan A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. network low complexity cisco CWE-22	6.5
2020-10-08	CVE-2020-3536	Cross-site Scripting vulnerability in Cisco Sd-Wan A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. network low complexity cisco CWE-79	5.4