Vulnerabilities > Cisco > Vmanage Network Management System

DATE CVE VULNERABILITY TITLE RISK
2018-10-05 CVE-2018-0434 Improper Certificate Validation vulnerability in Cisco products
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate.
network
high complexity
cisco CWE-295
7.4
2018-10-05 CVE-2018-0433 OS Command Injection vulnerability in Cisco products
A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.
local
low complexity
cisco CWE-78
7.8
2018-10-05 CVE-2018-0432 OS Command Injection vulnerability in Cisco products
A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device.
network
low complexity
cisco CWE-78
8.8