VYPR

iOS Xe

by Cisco Systems, Inc.

CVEs (220)

  • CVE-2017-12226HigSep 29, 2017
    risk 0.57cvss 8.8epss 0.03

    A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, and Cisco New Generation Wireless Controllers (NGWC) 3850 could allow an authenticated,…

  • CVE-2017-3858HigMar 22, 2017
    risk 0.57cvss 8.8epss 0.03

    A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of HTTP parameters supplied by the user. An…

  • CVE-2018-0467HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this…

  • CVE-2017-3863HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service…

  • CVE-2017-3862HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service…

  • CVE-2017-3861HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service…

  • CVE-2017-3860HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service…

  • CVE-2017-3864HigMar 22, 2017
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a…

  • CVE-2017-6663MedKEVAug 7, 2017
    risk 0.54cvss 6.5epss 0.02

    A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information:…

  • CVE-2016-6380HigOct 5, 2016
    risk 0.53cvss 8.1epss 0.03

    The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID…

  • CVE-2016-6414HigSep 22, 2016
    risk 0.51cvss 7.8epss 0.00

    iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223.

  • CVE-2022-20920HigOct 10, 2022
    risk 0.50cvss 7.7epss 0.01

    A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker…

  • CVE-2017-6664HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked. This…

  • CVE-2017-3859HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when…

  • CVE-2017-3857HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to…

  • CVE-2017-3856HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is…

  • CVE-2016-6393HigOct 5, 2016
    risk 0.49cvss 7.5epss 0.05

    The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka…

  • CVE-2016-6385HigOct 5, 2016
    risk 0.49cvss 7.5epss 0.03

    Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.

  • CVE-2016-6379HigOct 5, 2016
    risk 0.49cvss 7.5epss 0.03

    Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.

  • CVE-2016-6378HigOct 5, 2016
    risk 0.49cvss 7.5epss 0.02

    Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853.

Page 2 of 11