Vulnerabilities > Cisco > Vmanage Network Management System > High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-05	CVE-2018-0434	Improper Certificate Validation vulnerability in Cisco products A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. network high complexity cisco CWE-295	7.4
2018-10-05	CVE-2018-0433	OS Command Injection vulnerability in Cisco products A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. local low complexity cisco CWE-78	7.8
2018-10-05	CVE-2018-0432	OS Command Injection vulnerability in Cisco products A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. network low complexity cisco CWE-78	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.