VYPR

IOS XE Software for Cisco Meraki

by Cisco Systems, Inc.

CVEs (273)

  • CVE-2019-12668Sep 25, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The…

  • CVE-2019-12666Sep 25, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The vulnerability is due to incomplete validation of certain commands. An attacker…

  • CVE-2019-12664Sep 25, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers (ISRs) could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP…

  • CVE-2019-12658Sep 25, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to ineffective…

  • CVE-2019-12667Sep 25, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the web framework code of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input…

  • CVE-2019-12663Sep 25, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability…

  • CVE-2019-12661Sep 25, 2019
    risk 0.00cvss epss 0.00

    A vulnerability in a Virtualization Manager (VMAN) related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to…

  • CVE-2019-12653Sep 25, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket…

  • CVE-2019-12646Sep 25, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper…

  • CVE-2019-1904Jun 21, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an…

  • CVE-2019-1862May 13, 2019
    risk 0.00cvss epss 0.06

    A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software…

  • CVE-2019-1762Mar 28, 2019
    risk 0.00cvss epss 0.00

    A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. The vulnerability is due to improper memory operations performed at encryption time, when…

  • CVE-2019-1760Mar 28, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in Performance Routing Version 3 (PfRv3) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets. An attacker could exploit this…

  • CVE-2019-1761Mar 28, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory…

  • CVE-2019-1757Mar 28, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation…

  • CVE-2019-1754Mar 28, 2019
    risk 0.00cvss epss 0.03

    A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to improper validation of user privileges of web UI…

  • CVE-2019-1755Mar 28, 2019
    risk 0.00cvss epss 0.03

    A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software improperly…

  • CVE-2019-1756Mar 28, 2019
    risk 0.00cvss epss 0.04

    A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input.…

  • CVE-2019-1753Mar 28, 2019
    risk 0.00cvss epss 0.04

    A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to a failure to validate and sanitize input in Web Services…

  • CVE-2019-1752Mar 28, 2019
    risk 0.00cvss epss 0.03

    A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931 information elements. An attacker…

Page 13 of 14