CVSS: 6.5EPSS: 0%CPEs: 44EXPL: 0CVE-2020-26066 – Cisco SD-WAN vManage Software XML External Entity Vulnerability
https://notcve.org/view.php?id=CVE-2020-26066
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.4EPSS: 0%CPEs: 148EXPL: 0CVE-2020-26071 – Cisco SD-WAN vEdge Arbitrary File Creation Vulnerability
https://notcve.org/view.php?id=CVE-2020-26071
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation for specific commands. An attacker could exploit this vulnerability by including crafted arguments to those specific commands. A successful exploit could allow the attacker to create or overwrite arbitrary files on the affected device, which could result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Una vulnerabilidad en la CLI del software Cisco SD-WAN podría permitir que un atacante local autenticado cree o sobrescriba archivos arbitrarios en un dispositivo afectado, lo que podría generar una condición de denegación de servicio (DoS). • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 45EXPL: 0CVE-2020-26073 – Cisco SD-WAN vManage Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2020-26073
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests to application programmatic interfaces (APIs). An attacker could exploit this vulnerability by sending malicious requests to an API within the affected application. A successful exploit could allow the attacker to conduct directory traversal attacks and gain access to sensitive information including credentials or user tokens.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Una vulnerabilidad en los puntos finales de datos de la aplicación de Cisco SD-WAN vManage Software podría permitir que un atacante remoto no autenticado obtenga acceso a información confidencial. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-traversal-hQh24tmk https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-escalation-Jhqs5Skf • CWE-35: Path Traversal: '.../ •
CVSS: 7.8EPSS: 0%CPEs: 45EXPL: 0CVE-2020-26074 – Cisco SD-WAN vManage Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-26074
A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions. An attacker could exploit this vulnerability by sending requests that contain specially crafted path variables to the vulnerable system. A successful exploit could allow the attacker to overwrite arbitrary files, allowing the attacker to modify the system in such a way that could allow the attacker to gain escalated privileges.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Una vulnerabilidad en las funciones de transferencia de archivos del sistema de Cisco SD-WAN vManage Software podría permitir que un atacante local autenticado obtenga privilegios elevados en el sistema operativo subyacente. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-escalation-Jhqs5Skf • CWE-250: Execution with Unnecessary Privileges •
CVSS: 5.3EPSS: 0%CPEs: 46EXPL: 0CVE-2021-1234 – Cisco SD-WAN vManage Information Disclosure Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1234
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode. This vulnerability is due to the absence of authentication for sensitive information in the cluster management interface. An attacker could exploit this vulnerability by sending a crafted request to the cluster management interface of an affected system. A successful exploit could allow the attacker to view sensitive information on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmaninfdis3-OvdR6uu8 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •