Total
539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12239 | 1 Cisco | 1 Ios Xe | 2025-04-20 | 7.2 HIGH | 6.8 MEDIUM |
| A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to access an affected device's operating system. The vulnerability exists because an engineering console port is available on the motherboard of the affected line cards. An attacker could exploit this vulnerability by physically connecting to the console port on the line card. A successful exploit could allow the attacker to gain full access to the affected device's operating system. This vulnerability affects only Cisco ASR 1000 Series Routers that have removable line cards and Cisco cBR-8 Converged Broadband Routers, if they are running certain Cisco IOS XE 3.16 through 16.5 releases. Cisco Bug IDs: CSCvc65866, CSCve77132. | |||||
| CVE-2017-3859 | 1 Cisco | 9 Asr-920-12cz-a, Asr-920-12cz-d, Asr-920-12sz-im and 6 more | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco ASR 920 Series Aggregation Services Routers that are running an affected release of Cisco IOS XE Software (3.13 through 3.18) and are listening on the DHCP server port. By default, the devices do not listen on the DHCP server port. Cisco Bug IDs: CSCuy56385. | |||||
| CVE-2017-6770 | 1 Cisco | 7 Adaptive Security Appliance Software, Ios, Ios Xe and 4 more | 2025-04-20 | 4.0 MEDIUM | 4.2 MEDIUM |
| Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast OSPF LSA type 1 packets. No other LSA type packets can trigger this vulnerability. OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability. Cisco Bug IDs: CSCva74756, CSCve47393, CSCve47401. | |||||
| CVE-2017-6665 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-20 | 3.3 LOW | 6.5 MEDIUM |
| A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, an Information Disclosure Vulnerability. More Information: CSCvd51214. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. | |||||
| CVE-2017-12222 | 1 Cisco | 1 Ios Xe | 2025-04-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the wireless controller manager of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted association request. An exploit could allow the attacker to cause the switch to restart. This vulnerability affects Cisco Catalyst 3650 and 3850 switches running IOS XE Software versions 16.1 through 16.3.3, and acting as wireless LAN controllers (WLC). Cisco Bug IDs: CSCvd45069. | |||||
| CVE-2017-12229 | 1 Cisco | 1 Ios Xe | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. The vulnerability is due to insufficient input validation for the REST API of the affected software. An attacker could exploit this vulnerability by sending a malicious API request to an affected device. A successful exploit could allow the attacker to bypass authentication and gain access to the web UI of the affected software. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the HTTP Server feature is enabled for the device. The newly redesigned, web-based administration UI was introduced in the Denali 16.2 Release of Cisco IOS XE Software. This vulnerability does not affect the web-based administration UI in earlier releases of Cisco IOS XE Software. Cisco Bug IDs: CSCuz46036. | |||||
| CVE-2017-6796 | 1 Cisco | 1 Ios Xe | 2025-04-20 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the platform usb modem command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the platform usb modem command in the CLI of an affected device. A successful exploit could allow the attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. Cisco Bug IDs: CSCve48949. | |||||
| CVE-2017-6606 | 1 Cisco | 1 Ios Xe | 2025-04-20 | 6.9 MEDIUM | 6.4 MEDIUM |
| A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. More Information: CSCuz06639 CSCuz42122. Known Affected Releases: 15.6(1.1)S 16.1.2 16.2.0 15.2(1)E. Known Fixed Releases: Denali-16.1.3 16.2(1.8) 16.1(2.61) 15.6(2)SP 15.6(2)S1 15.6(1)S2 15.5(3)S3a 15.5(3)S3 15.5(2)S4 15.5(1)S4 15.4(3)S6a 15.4(3)S6 15.3(3)S8a 15.3(3)S8 15.2(5)E 15.2(4)E3 15.2(3)E5 15.0(2)SQD3 15.0(1.9.2)SQD3 3.9(0)E. | |||||
| CVE-2017-3849 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-20 | 6.1 MEDIUM | 7.4 HIGH |
| A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics: (1) running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature; (2) configured as an autonomic registrar; (3) has a whitelist configured. An exploit could allow the attacker to cause the affected device to reload. Note: Autonomic networking should be configured with a whitelist. Do not remove the whitelist as a workaround. Cisco Bug IDs: CSCvc42717. | |||||
| CVE-2015-0708 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow remote attackers to cause a denial of service (device crash) by including an IA_NA option in a DHCPv6 Solicit message on the local network, aka Bug ID CSCur29956. | |||||
| CVE-2014-2183 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2025-04-12 | 6.3 MEDIUM | N/A |
| The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973. | |||||
| CVE-2015-0632 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 5.7 MEDIUM | N/A |
| Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770. | |||||
| CVE-2015-0645 | 1 Cisco | 1 Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.2S, 3.13 before 3.13.1S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuq59131. | |||||
| CVE-2015-0637 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315. | |||||
| CVE-2014-3327 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101. | |||||
| CVE-2015-0644 | 1 Cisco | 1 Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via a crafted TCP packet, aka Bug ID CSCuo53622. | |||||
| CVE-2015-6294 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a denial of service (functionality loss) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuu25770. | |||||
| CVE-2014-2146 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847. | |||||
| CVE-2016-1432 | 1 Cisco | 1 Ios Xe | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cisco IOS XE 3.15S and 3.16S on cBR-8 Converged Broadband Router devices allows remote authenticated users to cause a denial of service (NULL pointer dereference and card restart) via a crafted SNMP request, aka Bug ID CSCuu68862. | |||||
| CVE-2015-6429 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 5.0 MEDIUM | N/A |
| The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236. | |||||