Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Product filter

Ios Xe Subscribe

Filter

282 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1904 1 Cisco 1 Ios Xe 2019-10-09 6.8
A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF...
CVE-2019-1762 1 Cisco 2 Ios, Ios Xe 2019-10-09 N/A
A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. The vulnerability is due to improper memory operations...
CVE-2019-1761 1 Cisco 2 Ios, Ios Xe 2019-10-09 N/A
A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due...
CVE-2019-1760 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in Performance Routing Version 3 (PfRv3) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload. The vulnerability is due to the processing of malformed smart probe packets....
CVE-2019-1759 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in access control list (ACL) functionality of the Gigabit Ethernet Management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the Gigabit Ethernet...
CVE-2019-1757 1 Cisco 2 Ios, Ios Xe 2019-10-09 N/A
A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to...
CVE-2019-1756 1 Cisco 2 Ios, Ios Xe 2019-10-09 N/A
A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly...
CVE-2019-1755 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the...
CVE-2019-1754 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to improper...
CVE-2019-1753 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to a failure to validate and...
CVE-2019-1752 1 Cisco 2 Ios, Ios Xe 2019-10-09 N/A
A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931...
CVE-2019-1750 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error...
CVE-2019-1749 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in the ingress traffic validation of Cisco IOS XE Software for Cisco Aggregation Services Router (ASR) 900 Route Switch Processor 3 (RSP3) could allow an unauthenticated, adjacent attacker to trigger a reload of an affected...
CVE-2019-1748 1 Cisco 2 Ios, Ios Xe 2019-10-09 N/A
A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the...
CVE-2019-1747 1 Cisco 2 Ios, Ios Xe 2019-10-09 N/A
A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an...
CVE-2019-1746 1 Cisco 2 Ios, Ios Xe 2019-10-09 N/A
A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The...
CVE-2019-1745 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. The vulnerability is due to insufficient input validation of commands supplied by the...
CVE-2019-1743 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote attacker to make unauthorized changes to the filesystem of the affected device. The vulnerability is due to improper input validation. An...
CVE-2019-1742 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access sensitive configuration information. The vulnerability is due to improper access control to files within the web UI. An attacker...
CVE-2019-1741 1 Cisco 1 Ios Xe 2019-10-09 N/A
A vulnerability in the Cisco Encrypted Traffic Analytics (ETA) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a logic error that exists...