Citrix: >> Sd-Wan 2100 Security Vulnerabilities
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-12
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-04-15
Reflected cross site scripting (XSS)
CVSS Score
6.1
EPSS Score
0.007
Published
2022-04-13
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI
CVSS Score
2.7
EPSS Score
0.003
Published
2022-04-13