Cisco Ios_xe
175 CVEs affecting Cisco Ios_xe. Latest disclosed: 2023-10-10. Critical: 3, High: 36.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12236 | Critical | 9.8 | 2017-09-29 | A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote atta… |
CVE-2017-12229 | Critical | 9.8 | 2017-09-29 | A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to by… |
CVE-2016-6441 | Critical | 9.8 | 2016-11-03 | A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of… |
CVE-2017-12230 | High | 8.8 | 2017-09-29 | A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an a… |
CVE-2017-12226 | High | 8.8 | 2017-09-29 | A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engi… |
CVE-2017-6741 | High | 8.8 | 2017-07-17 | A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute cod… |
CVE-2017-3858 | High | 8.8 | 2017-03-22 | A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with… |
CVE-2017-3863 | High | 8.6 | 2017-04-20 | Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated… |
CVE-2017-3862 | High | 8.6 | 2017-04-20 | Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated… |
CVE-2017-3861 | High | 8.6 | 2017-04-20 | Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated… |
CVE-2017-3860 | High | 8.6 | 2017-04-20 | Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated… |
CVE-2017-3864 | High | 8.6 | 2017-03-22 | A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenti… |
CVE-2016-6380 | High | 8.1 | 2016-10-05 | The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from… |
CVE-2022-20920 | High | 7.7 | 2022-10-10 | A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected de… |
CVE-2023-44487 | High | 7.5 | 2023-10-10 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the w… |
CVE-2017-6664 | High | 7.5 | 2017-08-07 | A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Net… |
CVE-2017-3859 | High | 7.5 | 2017-03-22 | A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, r… |
CVE-2017-3857 | High | 7.5 | 2017-03-22 | A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through… |
CVE-2017-3856 | High | 7.5 | 2017-03-22 | A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reloa… |
CVE-2016-6393 | High | 7.5 | 2016-10-05 | The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service… |