Cisco Ios Xe Software 3.2.9Sg vulnerabilities

CVE-2019-12669 [HIGH] CWE-20 CVE-2019-12669: A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of a malformed packet. An attacker could exploit this vulnerability

CVE-2019-12671 [HIGH] CWE-285 CVE-2019-12671: A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS). The vulnerability is due to insufficient enforcement of the consent token in authorizing shell access. An attacker could exploit this vulnerability by a