Filtered by vendor Cisco Subscriptions
Filtered by product Sd-wan Vedge Router Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-20655 1 Cisco 8 Carrier Packet Transport, Catalyst Sd-wan Manager, Enterprise Nfv Infrastructure Software and 5 more 2024-11-18 8.8 High
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.
CVE-2022-20717 2 Cisco, Citrix 9 1100 Integrated Services Router, Sd-wan Vedge Router, Sd-wan 1000 and 6 more 2024-11-06 5.5 Medium
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.
CVE-2022-20716 1 Cisco 7 Catalyst Sd-wan Manager, Sd-wan, Sd-wan Solution and 4 more 2024-11-06 7.8 High
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user.