Vulnerabilities > Cisco > SD WAN > 20.1

DATE CVE VULNERABILITY TITLE RISK
2020-10-08 CVE-2020-3536 Cross-site Scripting vulnerability in Cisco Sd-Wan
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
cisco CWE-79
3.5
3.5
2020-07-31 CVE-2020-3375 Improper Input Validation vulnerability in Cisco IOS XE Sd-Wan and Sd-Wan
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device.
network
low complexity
cisco CWE-20
critical
 10.0
10
2020-07-31 CVE-2020-3374 Incorrect Authorization vulnerability in Cisco Sd-Wan
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system.
network
low complexity
cisco CWE-863
critical
 9.0
9.0