Cisco IOS vulnerabilities

58 known vulnerabilities affecting cisco/cisco_ios.

Total CVEs: 58
CISA KEV: 10 (actively exploited)
Public exploits: 0
Exploited in wild: 10
Severity breakdown: CRITICAL 1, HIGH 30, MEDIUM 27

Vulnerabilities

Page 2 of 3
CVE-2021-1620 | HIGH | CVSS 7.7 | version n/a | 2021-09-23
CWE-563: A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certai
Sources: cvelistv5, nvd
CVE-2021-34703 | MEDIUM | CVSS 6.5 | version n/a | 2021-09-23
CWE-456: A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability
Sources: cvelistv5, nvd
CVE-2021-34705 | MEDIUM | CVSS 5.3 | version n/a | 2021-09-23
CWE-232: A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces.
Sources: cvelistv5, nvd
CVE-2021-1392 | HIGH | CVSS 7.8 | version n/a | 2021-03-24
CWE-522: A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip securit
Sources: cvelistv5, nvd
CVE-2021-1460 | HIGH | CVSS 7.5 | version n/a | 2021-03-24
CWE-400: A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulner
Sources: cvelistv5, nvd
CVE-2021-1377 | MEDIUM | CVSS 5.8 | version n/a | 2021-03-24
CWE-399: A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because ARP entries are mismanaged. An attacker could exploit th
Sources: cvelistv5, nvd
CVE-2021-1385 | MEDIUM | CVSS 6.5 | version n/a | 2021-03-24
CWE-22: A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write files on the underlying operating system or host system. This vulnerability occurs because the device does not properly validate URIs in IOx API requests. An
Sources: cvelistv5, nvd
CVE-2021-1391 | MEDIUM | CVSS 6.7 | version n/a | 2021-03-24
CWE-489: A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by bypassing the consen
Sources: cvelistv5, nvd
CVE-2020-3409 | HIGH | CVSS 7.4 | version n/a | 2020-09-24
CWE-20: A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an
Sources: cvelistv5, nvd
CVE-2020-3511 | HIGH | CVSS 7.4 | version n/a | 2020-09-24
CWE-20: A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit t
Sources: cvelistv5, nvd
CVE-2020-3408 | HIGH | CVSS 8.6 | version n/a | 2020-09-24
CWE-185: A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releas
Sources: cvelistv5, nvd
CVE-2020-3512 | HIGH | CVSS 7.4 | version n/a | 2020-09-24
CWE-388: A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the P
Sources: cvelistv5, nvd
CVE-2020-3477 | MEDIUM | CVSS 5.5 | version n/a | 2020-09-24
CWE-20: A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific comma
Sources: cvelistv5, nvd
CVE-2019-12647 | HIGH | CVSS 7.5 | versions ≥ unspecified, < 12.1(12) | 2019-09-25
CWE-476: A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit this vulnerability by openin
Sources: cvelistv5, nvd
CVE-2018-0484 | MEDIUM | CVSS 6.5 | version n/a | 2019-01-10
CWE-284: A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a missing check in the SSH server. An attacker could
Sources: cvelistv5, nvd
CVE-2018-0282 | MEDIUM | CVSS 6.8 | version n/a | 2019-01-10
CWE-371: A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the transmission control block (TCB) state. While this vulnerability potentially affects all TCP applications, the only
Sources: cvelistv5, nvd
CVE-2018-0154 | HIGH | CVSS 7.5 | KEV | version Cisco IOS | 2018-03-28
CWE-399: A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by
Sources: cvelistv5
CVE-2018-0180 | MEDIUM | CVSS 5.9 | KEV | version Cisco IOS | 2018-03-28
CWE-399: Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco I
Sources: cvelistv5
CVE-2018-0161 | MEDIUM | CVSS 6.3 | KEV | version Cisco IOS | 2018-03-28
CWE-399: A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. The v
Sources: cvelistv5
CVE-2018-0163 | MEDIUM | CVSS 6.5 | version Cisco IOS | 2018-03-28
CWE-287: A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated.
Sources: cvelistv5