CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3406

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.9%

CVSS Severity

CVSS v3 Score 6.4

CVSS v2 Score 3.5

References

Products affected by CVE-2020-3406

Cisco » Sd-Wan Firmware » Version: N/A

cpe:2.3:o:cisco:sd-wan_firmware:-
Cisco » Sd-Wan Firmware » Version: 16.12.1b

cpe:2.3:o:cisco:sd-wan_firmware:16.12.1b
Cisco » Sd-Wan Firmware » Version: 16.12.1d

cpe:2.3:o:cisco:sd-wan_firmware:16.12.1d
Cisco » Sd-Wan Firmware » Version: 16.12.1e

cpe:2.3:o:cisco:sd-wan_firmware:16.12.1e
Cisco » Sd-Wan Firmware » Version: 16.12.2r

cpe:2.3:o:cisco:sd-wan_firmware:16.12.2r
Cisco » Sd-Wan Firmware » Version: 17.2.0

cpe:2.3:o:cisco:sd-wan_firmware:17.2.0
Cisco » Sd-Wan Firmware » Version: 17.2.10

cpe:2.3:o:cisco:sd-wan_firmware:17.2.10
Cisco » Sd-Wan Firmware » Version: 17.2.4

cpe:2.3:o:cisco:sd-wan_firmware:17.2.4
Cisco » Sd-Wan Firmware » Version: 17.2.5

cpe:2.3:o:cisco:sd-wan_firmware:17.2.5
Cisco » Sd-Wan Firmware » Version: 17.2.6

cpe:2.3:o:cisco:sd-wan_firmware:17.2.6
Cisco » Sd-Wan Firmware » Version: 17.2.7

cpe:2.3:o:cisco:sd-wan_firmware:17.2.7
Cisco » Sd-Wan Firmware » Version: 17.2.8

cpe:2.3:o:cisco:sd-wan_firmware:17.2.8
Cisco » Sd-Wan Firmware » Version: 17.2.9

cpe:2.3:o:cisco:sd-wan_firmware:17.2.9
Cisco » Sd-Wan Firmware » Version: 18.2.0

cpe:2.3:o:cisco:sd-wan_firmware:18.2.0
Cisco » Sd-Wan Firmware » Version: 18.3.0

cpe:2.3:o:cisco:sd-wan_firmware:18.3.0
Cisco » Sd-Wan Firmware » Version: 18.3.1

cpe:2.3:o:cisco:sd-wan_firmware:18.3.1
Cisco » Sd-Wan Firmware » Version: 18.3.3

cpe:2.3:o:cisco:sd-wan_firmware:18.3.3
Cisco » Sd-Wan Firmware » Version: 18.3.3.1

cpe:2.3:o:cisco:sd-wan_firmware:18.3.3.1
Cisco » Sd-Wan Firmware » Version: 18.3.4

cpe:2.3:o:cisco:sd-wan_firmware:18.3.4
Cisco » Sd-Wan Firmware » Version: 18.3.5

cpe:2.3:o:cisco:sd-wan_firmware:18.3.5
Cisco » Sd-Wan Firmware » Version: 18.3.6

cpe:2.3:o:cisco:sd-wan_firmware:18.3.6
Cisco » Sd-Wan Firmware » Version: 18.3.7

cpe:2.3:o:cisco:sd-wan_firmware:18.3.7
Cisco » Sd-Wan Firmware » Version: 18.3.8

cpe:2.3:o:cisco:sd-wan_firmware:18.3.8
Cisco » Sd-Wan Firmware » Version: 18.4.0

cpe:2.3:o:cisco:sd-wan_firmware:18.4.0
Cisco » Sd-Wan Firmware » Version: 18.4.1

cpe:2.3:o:cisco:sd-wan_firmware:18.4.1
Cisco » Sd-Wan Firmware » Version: 18.4.3

cpe:2.3:o:cisco:sd-wan_firmware:18.4.3
Cisco » Sd-Wan Firmware » Version: 18.4.302

cpe:2.3:o:cisco:sd-wan_firmware:18.4.302
Cisco » Sd-Wan Firmware » Version: 18.4.303

cpe:2.3:o:cisco:sd-wan_firmware:18.4.303
Cisco » Sd-Wan Firmware » Version: 18.4.4

cpe:2.3:o:cisco:sd-wan_firmware:18.4.4
Cisco » Sd-Wan Firmware » Version: 18.4.5

cpe:2.3:o:cisco:sd-wan_firmware:18.4.5
Cisco » Sd-Wan Firmware » Version: 18.4.6

cpe:2.3:o:cisco:sd-wan_firmware:18.4.6
Cisco » Sd-Wan Firmware » Version: 19.1.0

cpe:2.3:o:cisco:sd-wan_firmware:19.1.0
Cisco » Sd-Wan Firmware » Version: 19.2.0

cpe:2.3:o:cisco:sd-wan_firmware:19.2.0
Cisco » Sd-Wan Firmware » Version: 19.2.1

cpe:2.3:o:cisco:sd-wan_firmware:19.2.1
Cisco » Sd-Wan Firmware » Version: 19.2.2

cpe:2.3:o:cisco:sd-wan_firmware:19.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3406

Products

Pricing

Contact Us