Cisco Catalyst_9400
22 CVEs affecting Cisco Catalyst_9400. Latest disclosed: 2024-03-27. Critical: 0, High: 11.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-20231 | High | 8.8 | 2023-09-27 | A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device… |
CVE-2024-20259 | High | 8.6 | 2024-03-27 | A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload une… |
CVE-2022-20870 | High | 8.6 | 2022-10-10 | A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switche… |
CVE-2022-20919 | High | 8.6 | 2022-09-30 | A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could all… |
CVE-2022-20848 | High | 8.6 | 2022-09-30 | A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allo… |
CVE-2021-1565 | High | 8.6 | 2021-09-23 | Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 900… |
CVE-2021-1373 | High | 8.6 | 2021-03-24 | A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cis… |
CVE-2023-20065 | High | 7.8 | 2023-03-23 | A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to r… |
CVE-2020-3422 | High | 7.5 | 2020-09-24 | A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the… |
CVE-2018-0154 | High | 7.5 | 2018-03-28 | A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remot… |
CVE-2017-12237 | High | 7.5 | 2017-09-29 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthent… |
CVE-2023-20081 | Medium | 6.8 | 2023-03-23 | A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cis… |
CVE-2021-34703 | Medium | 6.8 | 2021-09-23 | A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a… |
CVE-2023-20066 | Medium | 6.5 | 2023-03-23 | A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that… |
CVE-2020-3429 | Medium | 6.5 | 2020-09-24 | A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an una… |
CVE-2018-0180 | Medium | 5.9 | 2018-03-28 | Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a rel… |
CVE-2018-0179 | Medium | 5.9 | 2018-03-28 | Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a rel… |
CVE-2017-12319 | Medium | 5.9 | 2018-03-27 | A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated… |
CVE-2022-20851 | Medium | 5.5 | 2022-09-30 | A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected… |
CVE-2022-20677 | Medium | 5.5 | 2022-04-15 | Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into… |