Cisco 4451-x_integrated_services_router
37 CVEs affecting Cisco 4451-x_integrated_services_router. Latest disclosed: 2023-03-23. Critical: 2, High: 19.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-12643 | Critical | 10.0 | 2019-08-28 | A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authenticat… |
CVE-2021-34727 | Critical | 9.8 | 2021-09-23 | A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affecte… |
CVE-2020-3425 | High | 8.8 | 2020-09-24 | Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to el… |
CVE-2019-1904 | High | 8.8 | 2019-06-21 | A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (… |
CVE-2023-20027 | High | 8.6 | 2023-03-23 | A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remot… |
CVE-2022-20919 | High | 8.6 | 2022-09-30 | A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could all… |
CVE-2022-20848 | High | 8.6 | 2022-09-30 | A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allo… |
CVE-2020-3480 | High | 8.6 | 2020-09-24 | Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to rel… |
CVE-2018-0173 | High | 8.6 | 2018-03-28 | A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packet… |
CVE-2023-20065 | High | 7.8 | 2023-03-23 | A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to r… |
CVE-2023-20035 | High | 7.8 | 2023-03-23 | A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges… |
CVE-2022-20818 | High | 7.8 | 2022-09-30 | Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities ar… |
CVE-2022-20775 | High | 7.8 | 2022-09-30 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to i… |
CVE-2021-1529 | High | 7.8 | 2021-10-21 | A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The… |
CVE-2021-1223 | High | 7.5 | 2021-01-13 | Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configur… |
CVE-2019-12657 | High | 7.5 | 2019-09-25 | A vulnerability in Unified Threat Defense (UTD) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload… |
CVE-2019-12654 | High | 7.5 | 2019-09-25 | A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to tri… |
CVE-2018-0177 | High | 7.5 | 2018-03-28 | A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches coul… |
CVE-2018-0154 | High | 7.5 | 2018-03-28 | A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remot… |
CVE-2017-12237 | High | 7.5 | 2017-09-29 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthent… |