VYPR

IOS XE Software for Cisco Meraki

by Cisco Systems, Inc.

CVEs (273)

  • CVE-2021-34729MedSep 23, 2021
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments…

  • CVE-2021-34725MedSep 23, 2021
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on…

  • CVE-2021-34723MedSep 23, 2021
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific…

  • CVE-2021-1376MedMar 24, 2021
    risk 0.44cvss 6.7epss 0.00

    Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating…

  • CVE-2021-1375MedMar 24, 2021
    risk 0.44cvss 6.7epss 0.00

    Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating…

  • CVE-2021-1453MedMar 24, 2021
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check…

  • CVE-2021-1452MedMar 24, 2021
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical…

  • CVE-2021-1441MedMar 24, 2021
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This…

  • CVE-2021-1398MedMar 24, 2021
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This…

  • CVE-2020-3524MedSep 24, 2020
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an…

  • CVE-2020-3513MedSep 24, 2020
    risk 0.44cvss 6.7epss 0.00

    Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high…

  • CVE-2020-3417MedSep 24, 2020
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An…

  • CVE-2020-3416MedSep 24, 2020
    risk 0.44cvss 6.7epss 0.00

    Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high…

  • CVE-2020-3396MedSep 24, 2020
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections.…

  • CVE-2020-3220MedJun 3, 2020
    risk 0.44cvss 6.8epss 0.01

    A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected…

  • CVE-2020-3216MedJun 3, 2020
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication…

  • CVE-2020-3215MedJun 3, 2020
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the Virtual Services Container of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. The vulnerability is due to insufficient validation of a user-supplied open virtual appliance (OVA). An…

  • CVE-2020-3214MedJun 3, 2020
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to…

  • CVE-2020-3213MedJun 3, 2020
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the…

  • CVE-2020-3207MedJun 3, 2020
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the processing of boot options of specific Cisco IOS XE Software switches could allow an authenticated, local attacker with root shell access to the underlying operating system (OS) to conduct a command injection attack during device boot. This vulnerability…

Page 7 of 14