Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ios_xe
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 489 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-23 | CVE-2023-20072 | A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of large fragmented tunnel protocol packets. One example of a tunnel protocol is Generic Routing Encapsulation (GRE). An attacker could exploit this vulnerability by sending crafted fragmented packets to... | Ios_xe | 8.6 | ||
| 2023-03-23 | CVE-2023-20082 | A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to errors that occur when retrieving the public release key that is used for image signature verification. An attacker could exploit this vulnerability by modifying specific variables... | Ios_xe | 6.8 | ||
| 2023-03-23 | CVE-2023-20097 | A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root... | Aironet_access_point_software, Ios_xe, Wireless_lan_controller_software | 6.7 | ||
| 2023-03-23 | CVE-2023-20100 | A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error that occurs when certain conditions are met during the AP joining process. An attacker could exploit this vulnerability by adding an AP that is... | Ios_xe | 6.8 | ||
| 2017-08-07 | CVE-2017-6770 | Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The... | Adaptive_security_appliance_software, Ios, Ios_xe, Nx\-Os, Nx\-Os_for_nexus_5500_platform_switches, Nx\-Os_for_nexus_5600_platform_switches, Nx\-Os_for_nexus_7700_series_switches | 4.2 | ||
| 2016-04-21 | CVE-2015-6360 | The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686. | Adaptive_security_appliance_software, Dx_series_ip_phones_firmware, Ios_xe, Ip_phone_7800_series_firmware, Ip_phone_8800_series_firmware, Jabber_software_development_kit, Libsrtp, Unified_communications_manager, Unified_ip_phone_6900_series_firmware, Unified_ip_phone_7900_series_firmware, Unified_ip_phone_8900_series_firmware, Unified_wireless_ip_phone_7920_firmware, Unity_connection, Webex_meeting_center | 7.5 | ||
| 2019-09-25 | CVE-2019-12671 | A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS). The vulnerability is due to insufficient enforcement of the consent token in authorizing shell access. An attacker could exploit this vulnerability by authenticating to the CLI and requesting shell access on an affected device. A successful exploit could allow the attacker to gain shell access... | Ios_xe | 7.8 | ||
| 2020-09-24 | CVE-2020-3404 | A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell access. An attacker could exploit this vulnerability by authenticating to the persistent Telnet/SSH CLI on an affected device and requesting... | Ios_xe | 7.8 | ||
| 2020-09-24 | CVE-2020-3407 | A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of the ACL that is tied to the RESTCONF or NETCONF-YANG feature. An attacker could exploit this vulnerability by accessing the device using RESTCONF or NETCONF-YANG. A successful exploit could allow an attacker to cause the device to reload, resulting in a... | Ios_xe | 8.6 | ||
| 2020-09-24 | CVE-2020-3408 | A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an... | Ios, Ios_xe | 8.6 |