Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Product filter

Ios Xe Subscribe

Filter

282 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-12649 1 Cisco 2 Ios, Ios Xe 2019-10-09 7.2
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability exists...
CVE-2019-12647 1 Cisco 1 Ios Xe 2019-10-09 7.8
A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles...
CVE-2019-12646 1 Cisco 1 Ios Xe 2019-10-09 7.8
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The...
CVE-2019-12643 1 Cisco 1 Ios Xe 2019-10-09 10.0
A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The vulnerability is due to an improper check...
CVE-2019-12624 1 Cisco 1 Ios Xe 2019-10-09 6.8
A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on...
CVE-2018-15374 1 Cisco 1 Ios Xe 2019-10-09 7.2
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnerability is due to the affected software...
CVE-2018-15372 1 Cisco 1 Ios Xe 2019-10-09 4.8
A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and...
CVE-2018-15371 1 Cisco 1 Ios Xe 2019-10-09 7.2
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists...
CVE-2018-15369 1 Cisco 2 Ios, Ios Xe 2019-10-09 7.8
A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The...
CVE-2018-15368 1 Cisco 1 Ios Xe 2019-10-09 7.2
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The...
CVE-2018-0485 1 Cisco 2 Ios, Ios Xe 2019-10-09 7.8
A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or...
CVE-2018-0481 1 Cisco 1 Ios Xe 2019-10-09 7.2
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected...
CVE-2018-0480 1 Cisco 1 Ios Xe 2019-10-09 5.7
A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. The vulnerability is due to a race...
CVE-2018-0477 1 Cisco 1 Ios Xe 2019-10-09 7.2
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected...
CVE-2018-0476 1 Cisco 1 Ios Xe 2019-10-09 7.1
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The...
CVE-2018-0475 1 Cisco 2 Ios, Ios Xe 2019-10-09 6.1
A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability...
CVE-2018-0471 1 Cisco 1 Ios Xe 2019-10-09 6.1
A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The...
CVE-2018-0469 1 Cisco 1 Ios Xe 2019-10-09 7.1
A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software when...
CVE-2018-0315 1 Cisco 1 Ios Xe 2019-10-09 7.5
A vulnerability in the authentication, authorization, and accounting (AAA) security services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device or cause an affected device to...
CVE-2018-0282 1 Cisco 2 Ios, Ios Xe 2019-10-09 7.1
A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the...