Vulnerabilities > Cisco > SD WAN > 20.1.12

DATE CVE VULNERABILITY TITLE RISK
2023-03-23 CVE-2023-20113 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Sd-Wan
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
network
low complexity
cisco CWE-352
8.1
8.1
2022-09-30 CVE-2022-20818 Path Traversal vulnerability in Cisco products
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.
local
low complexity
cisco CWE-22
7.8
7.8
2022-09-30 CVE-2022-20930 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system.
local
low complexity
cisco CWE-78
6.7
6.7
2022-04-15 CVE-2022-20716 Unspecified vulnerability in Cisco products
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges.
local
low complexity
cisco
7.8
7.8
2020-11-06 CVE-2020-27128 Path Traversal vulnerability in Cisco Sd-Wan
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system.
network
low complexity
cisco CWE-22
6.5
6.5