Ios_xe - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Ios_xe
(Cisco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	489

Date	Id	Summary	Products	Score	Patch	Annotated
2021-03-24	CVE-2021-1373	A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device....	Ios_xe	8.6
2021-04-29	CVE-2021-1495	Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.	Firepower_threat_defense, Ios_xe, Snort	5.3
2021-09-23	CVE-2021-34714	A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow...	Firepower_extensible_operating_system, Fxos, Ios, Ios_xe, Ios_xr, Nx\-Os	7.4
2021-09-23	CVE-2021-1565	Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit the vulnerabilities by sending a malformed CAPWAP packet to an affected device. A...	Catalyst_9800_firmware, Embedded_wireless_controller, Ios_xe	8.6
2021-09-23	CVE-2021-1611	A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800 Family Wireless Controller, Embedded Wireless Controller, and Embedded Wireless on Catalyst 9000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper processing of malformed EoGRE packets. An attacker could exploit this vulnerability by...	Ios_xe	8.6
2021-09-23	CVE-2021-1616	A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data validation of traffic that is traversing the ALG. An attacker could exploit this vulnerability by sending crafted traffic to a targeted device. A successful exploit could allow the attacker to bypass the ALG and open connections that should...	Ios_xe	4.7
2021-09-23	CVE-2021-1619	A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by...	Ios_xe, Ios_xe_sd\-Wan, Ios_xe_sd\-Wan_16\.10\.1_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.1_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.1_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.10\.1_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.10\.2_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.2_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.2_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.10\.2_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.10\.3_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.3_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.3_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.10\.3_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.10\.3a_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.3a_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.3a_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.10\.3a_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.10\.3a_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.10\.3b_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.3b_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.3b_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.10\.3b_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.10\.3b_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.10\.4_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.4_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.4_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.10\.4_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.10\.4_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.10\.5_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.5_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.5_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.10\.5_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.10\.5_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.10\.6_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.6_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.10\.6_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.10\.6_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.10\.6_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.11\.1_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.11\.1_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.11\.1a_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1a_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1a_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.11\.1a_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.11\.1a_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.11\.1b_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1b_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1b_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.11\.1b_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.11\.1b_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.11\.1d_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.11\.1d_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.11\.1f_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1s_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1s_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.11\.1s_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.11\.1s_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.11\.1s_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.1_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.1_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.1_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.1_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.1a_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1a_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.1a_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1a_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.1a_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.1a_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.1b1_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1b1_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.1b1_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1b1_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.1b1_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.1b1_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.1b_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1b_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.1b_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1b_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.1b_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.1b_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.1c_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1c_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.1c_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1c_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.1c_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.1c_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.1d_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1d_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.1d_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1d_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.1d_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.1d_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.1e_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1e_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.1e_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.1e_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.1e_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.1e_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.2r_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.2r_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.2r_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.2r_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.2r_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.2r_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.3_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.3_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.3_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.3_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.3_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.3_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.4_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.4_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.4_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.4_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.4_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.4_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.4a_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.4a_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.4a_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.12\.5_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.5_when_installed_on_1100_series_industrial_integrated_services, Ios_xe_sd\-Wan_16\.12\.5_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.12\.5_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.12\.5_when_installed_on_cloud_services_router_1000v, Ios_xe_sd\-Wan_16\.12\.5_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.9\.1_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.9\.1_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.9\.1_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.9\.1_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.9\.2_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.9\.2_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.9\.2_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.9\.2_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.9\.3_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.9\.3_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.9\.3_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.9\.3_when_installed_on_integrated_services_virtual, Ios_xe_sd\-Wan_16\.9\.4_when_installed_on_1000_series_integrated_services, Ios_xe_sd\-Wan_16\.9\.4_when_installed_on_4000_series_integrated_services, Ios_xe_sd\-Wan_16\.9\.4_when_installed_on_asr_1000_series_aggregation_services, Ios_xe_sd\-Wan_16\.9\.4_when_installed_on_integrated_services_virtual	9.1
2021-09-23	CVE-2021-1621	A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of certain Layer 2 frames. An attacker could exploit this vulnerability by sending specific Layer 2 frames on the segment the router is connected to. A successful exploit could allow the attacker to cause...	Ios_xe	7.4
2021-09-23	CVE-2021-1622	A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A...	Ios_xe	8.6
2021-09-23	CVE-2021-1623	A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) condition. This vulnerability is due to the punt path being overwhelmed by large quantities of SNMP requests. An attacker could exploit this vulnerability by sending a large number of SNMP requests to an affected device. A successful exploit could...	Ios_xe	7.7