Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-20717 | 2 Cisco, Citrix | 9 1100 Integrated Services Router, Sd-wan Vedge Router, Sd-wan 1000 and 6 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. | |||||
CVE-2022-27506 | 1 Citrix | 26 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 23 more | 2024-02-28 | 6.8 MEDIUM | 2.7 LOW |
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI | |||||
CVE-2022-27505 | 1 Citrix | 24 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 21 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected cross site scripting (XSS) |