Cisco has addressed two critical security vulnerabilities in the SD-WAN vManage Software. One of which could allow an unauthenticated attacker to carry out remote code execution (RCE) Cisco also disclosed a denial-of-service issue and locally exploitable bugs that would allow an authenticated attacker to escalate privileges or gain unauthorized access to applications. The network giant also disclosed two bugs in the Cisco HyperFlex HX platform, one of which is rated critical. The HyperX software is used to manage hybrid IT environments across traditional and cloud-native applications.
Source: https://threatpost.com/critical-cisco-sd-wan-hyperflex-bugs/165923/