Cisco Catalyst_9130axe
17 CVEs affecting Cisco Catalyst_9130axe. Latest disclosed: 2025-05-07. Critical: 0, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-20231 | High | 8.8 | 2023-09-27 | A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device… |
CVE-2024-20259 | High | 8.6 | 2024-03-27 | A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload une… |
CVE-2022-20919 | High | 8.6 | 2022-09-30 | A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could all… |
CVE-2022-20855 | High | 7.9 | 2022-09-30 | A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authentic… |
CVE-2021-1419 | High | 7.8 | 2021-09-23 | A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the af… |
CVE-2025-20140 | High | 7.4 | 2025-05-07 | A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adja… |
CVE-2024-20303 | High | 7.4 | 2024-03-27 | A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjace… |
CVE-2023-20112 | High | 7.4 | 2023-03-23 | A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affect… |
CVE-2021-34740 | High | 7.4 | 2021-09-23 | A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacke… |
CVE-2025-20190 | Medium | 6.5 | 2025-05-07 | A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbi… |
CVE-2023-20056 | Medium | 6.5 | 2023-03-23 | A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condi… |
CVE-2020-26140 | Medium | 6.5 | 2021-05-11 | An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a prote… |
CVE-2025-20196 | Medium | 5.3 | 2025-05-07 | A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacke… |
CVE-2020-26139 | Medium | 5.3 | 2021-05-11 | An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfull… |
CVE-2023-20097 | Medium | 4.6 | 2023-03-23 | A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privi… |
CVE-2020-24588 | Low | 3.5 | 2021-05-11 | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the… |
CVE-2020-24587 | Low | 2.6 | 2021-05-11 | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a fram… |