Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-20717 | 2 Cisco, Citrix | 9 1100 Integrated Services Router, Sd-wan Vedge Router, Sd-wan 1000 and 6 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. | |||||
CVE-2022-20716 | 1 Cisco | 7 Catalyst Sd-wan Manager, Sd-wan, Sd-wan Solution and 4 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user. |