VYPR

IOS XE Software for Cisco Meraki

by Cisco Systems, Inc.

CVEs (273)

  • CVE-2020-3489HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.01

    Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS)…

  • CVE-2020-3488HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.01

    Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS)…

  • CVE-2020-3465HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the…

  • CVE-2020-3390HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload,…

  • CVE-2019-1750HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco…

  • CVE-2019-1749HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the ingress traffic validation of Cisco IOS XE Software for Cisco Aggregation Services Router (ASR) 900 Route Switch Processor 3 (RSP3) could allow an unauthenticated, adjacent attacker to trigger a reload of an affected device, resulting in a denial of…

  • CVE-2019-1748HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently…

  • CVE-2019-1746HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to…

  • CVE-2018-0471HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The vulnerability is due to incorrect…

  • CVE-2021-1435HigMar 24, 2021
    risk 0.47cvss 7.2epss 0.08

    A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by…

  • CVE-2021-1432HigMar 24, 2021
    risk 0.47cvss 7.3epss 0.00

    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to…

  • CVE-2020-3218HigJun 3, 2020
    risk 0.47cvss 7.2epss 0.05

    A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code with root privileges on the underlying Linux shell. The vulnerability is due to improper validation of user-supplied…

  • CVE-2020-3212HigJun 3, 2020
    risk 0.47cvss 7.2epss 0.03

    A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An attacker…

  • CVE-2020-3211HigJun 3, 2020
    risk 0.47cvss 7.2epss 0.04

    A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An attacker…

  • CVE-2019-1862HigMay 13, 2019
    risk 0.47cvss 7.2epss 0.06

    A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software…

  • CVE-2019-1756HigMar 28, 2019
    risk 0.47cvss 7.2epss 0.04

    A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input.…

  • CVE-2021-1384MedMar 24, 2021
    risk 0.45cvss 6.5epss 0.35

    A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. This vulnerability is due to incomplete validation of fields in the…

  • CVE-2023-20100MedMar 23, 2023
    risk 0.44cvss 6.8epss 0.01

    A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS)…

  • CVE-2022-20694MedApr 15, 2022
    risk 0.44cvss 6.8epss 0.01

    A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition.…

  • CVE-2022-20679MedApr 15, 2022
    risk 0.44cvss 6.8epss 0.01

    A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to buffer exhaustion that occurs while…

Page 6 of 14