Cisco Ios Xe Software vulnerabilities

CVE-2024-20265 [MEDIUM] CWE-501 CVE-2024-20265: A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticat A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands are available during boot time at the physical cons

CVE-2023-20273 [HIGH] CWE-78 CVE-2023-20273: A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inje

CVE-2023-20198 [CRITICAL] CWE-420 CVE-2023-20198: Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gai

CVE-2023-20235 [HIGH] CWE-552 CVE-2023-20235: A vulnerability in the on-device application development workflow feature for the Cisco IOx applicat A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docker containers with the privileged runtime option are not

CVE-2023-20186 [CRITICAL] CWE-285 CVE-2023-20186: A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Soft A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Protocol (SCP). This vulnerability is due to incorrect

CVE-2023-20227 [HIGH] CWE-388 CVE-2023-20227: A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allo A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packet

CVE-2023-20187 [HIGH] CWE-823 CVE-2023-20187: A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software fo A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect handling of certain IPv

CVE-2023-20226 [HIGH] CWE-456 CVE-2023-20226: A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Ci A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the

CVE-2023-20231 [HIGH] CWE-78 CVE-2023-20231: A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to

CVE-2023-20033 [HIGH] CWE-770 CVE-2023-20033: A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches c A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper resource management when processing traffic that is received on th

CVE-2023-20109 [MEDIUM] CWE-787 CVE-2023-20109: A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software a A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability is due to i

CVE-2023-20202 [MEDIUM] CWE-789 CVE-2023-20202: A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network request

CVE-2023-20029 [HIGH] CWE-122 CVE-2023-20029: A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticat A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attacker could exploit this vulnerability by modifying the Mer

CVE-2023-20065 [HIGH] CWE-284 CVE-2023-20065: A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Ci

CVE-2023-20072 [HIGH] CWE-20 CVE-2023-20072: A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Softwa A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of large fragmented tunnel protocol packets. One example of a t

CVE-2023-20027 [HIGH] CWE-416 CVE-2023-20027: A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper reassembly of large packets that occurs when VFR is enabled on either a tunnel

CVE-2023-20035 [HIGH] CWE-146 CVE-2023-20035: A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attac A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected

CVE-2023-20066 [MEDIUM] CWE-23 CVE-2023-20066: A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted requ

CVE-2023-20067 [MEDIUM] CWE-770 CVE-2023-20067: A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless LAN A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vu

CVE-2023-20100 [MEDIUM] CWE-694 CVE-2023-20100: A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic erro