Cisco IOS XE Software vulnerabilities
238 known vulnerabilities affecting cisco/cisco_ios_xe_software.
Total CVEs: 238
CISA KEV: 6 (actively exploited)
Public exploits: 4
Exploited in wild: 6
Severity breakdown: CRITICAL 10, HIGH 136, MEDIUM 92
Vulnerabilities
Page 3 of 12
CVE-2025-20196 | MEDIUM | CVSS 5.3 | CWE-307 | v16.1.1, v16.1.2, +135 more | 2025-05-07
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition.
This vulnerability is due to the improper handling of HTTP reques
Sources: cvelistv5, nvd

CVE-2025-20193 | MEDIUM | CVSS 6.5 | CWE-78 | v17.3.1, v17.3.2, +85 more | 2025-05-07
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.
This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based mana
Sources: cvelistv5, nvd

CVE-2025-20195 | MEDIUM | CVSS 4.3 | CWE-352 | v16.1.1, v16.1.2, +208 more | 2025-05-07
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device.
This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could expl
Sources: cvelistv5, nvd

CVE-2025-20155 | MEDIUM | CVSS 6.0 | CWE-1287 | v17.9.4, v17.9.5, +26 more | 2025-05-07
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system.
This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is first deployed in SD-WAN mode or when an administrator co
Sources: cvelistv5, nvd

CVE-2025-20201 | MEDIUM | CVSS 6.7 | CWE-754 | v3.7.0S, v3.7.1S, +408 more | 2025-05-07
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vul
Sources: cvelistv5, nvd

CVE-2025-20190 | MEDIUM | CVSS 6.5 | CWE-284 | v17.6.8, v17.9.6, +5 more | 2025-05-07
A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affected device.
This vulnerability is due to insufficient access control of actions executed by lobby ambassador users. An attacker could exploit this vulne
Sources: cvelistv5, nvd

CVE-2025-20214 | MEDIUM | CVSS 4.3 | CWE-639 | v17.11.1, v17.11.1a, +12 more | 2025-05-07
A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data.
This vulnerability exists because a subtle change in inner API call behavior causes results to be filtered incorrectly. An attacker c
Sources: cvelistv5, nvd

CVE-2025-20194 | MEDIUM | CVSS 5.4 | CWE-78 | v17.3.1, v17.3.2, +96 more | 2025-05-07
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.
This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based mana
Sources: cvelistv5, nvd

CVE-2025-20172 | HIGH | CVSS 7.7 | CWE-248 | v3.7.0S, v3.7.1S, +424 more | 2025-02-05
A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted S
Sources: cvelistv5, nvd

CVE-2025-20171 | HIGH | CVSS 7.7 | CWE-248 | v3.2.0SG, v3.2.1SG, +450 more | 2025-02-05
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affect
Sources: cvelistv5, nvd

CVE-2025-20174 | HIGH | CVSS 7.7 | CWE-805 | v3.11.1S, v3.11.2S, +257 more | 2025-02-05
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affect
Sources: cvelistv5, nvd

CVE-2025-20176 | HIGH | CVSS 7.7 | CWE-248 | v3.3.0SE, v3.3.1SE, +378 more | 2025-02-05
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affect
Sources: cvelistv5, nvd

CVE-2025-20170 | HIGH | CVSS 7.7 | CWE-805 | v3.2.0SG, v3.2.1SG, +444 more | 2025-02-05
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affect
Sources: cvelistv5, nvd

CVE-2025-20173 | HIGH | CVSS 7.7 | CWE-248 | v3.2.0SG, v3.2.1SG, +448 more | 2025-02-05
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affect
Sources: cvelistv5, nvd

CVE-2025-20175 | HIGH | CVSS 7.7 | CWE-805 | v3.2.0SG, v3.2.1SG, +452 more | 2025-02-05
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affect
Sources: cvelistv5, nvd

CVE-2025-20169 | HIGH | CVSS 7.7 | CWE-805 | v3.2.0SG, v3.2.1SG, +444 more | 2025-02-05
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affect
Sources: cvelistv5, nvd

CVE-2024-20510 | CRITICAL | CVSS 9.3 | CWE-863 | v16.3.1, v16.3.2, +195 more | 2024-09-25
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list (ACL), which could allow access to network resources before user authentication.
This vulnerability is due to a logic error when act
Sources: cvelistv5, nvd

CVE-2024-20455 | HIGH | CVSS 8.6 | CWE-371 | v17.1.1, v17.1.1a, +85 more | 2024-09-25
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability exists because UTD improperly handles certain packets as th
Sources: cvelistv5, nvd

CVE-2024-20436 | HIGH | CVSS 7.5 | CWE-476 | v3.9.1S, v3.9.2S, +199 more | 2024-09-25
A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to a null pointer dereference when accessing specific URLs. An attacker could exploit this vulner
Sources: cvelistv5, nvd

CVE-2024-20480 | HIGH | CVSS 8.6 | CWE-783 | v16.1.1, v16.1.2, +203 more | 2024-09-25
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover.
This vulnerability is due to impro
Sources: cvelistv5, nvd