Cisco Ios And Ios Xe vulnerabilities

CVE-2015-6429 Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability CVE-2015-6429: Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability A vulnerability in the Internet Key Exchange (IKEv1) state machine of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to tear down valid IPsec connections, resulting in a partial denial of service (DoS) condition. The vulnerability is due to insufficient condition checks

CVE-2019-12668 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability CVE-2019-12668: Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient

CVE-2024-20311 Cisco IOS and IOS XE Software Locator ID Separation Protocol Denial of Service Vulnerability CVE-2024-20311: Cisco IOS and IOS XE Software Locator ID Separation Protocol Denial of Service Vulnerability A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to the incorrect handling of LISP packets. An attacke

CVE-2024-20433 Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability CVE-2024-20433: Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability

CVE-2025-20149 Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability CVE-2025-20149: Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow. An attacker with a low-privileged account could exploit this vulner

CVE-2016-1478 Cisco IOS and IOS XE Software Crafted Network Time Protocol Packets Denial of Service Vulnerability CVE-2016-1478: Cisco IOS and IOS XE Software Crafted Network Time Protocol Packets Denial of Service Vulnerability A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability

CVE-2020-3512 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability CVE-2020-3512: Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) co

CVE-2015-6279 Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities CVE-2015-6279: Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. Cisco has released software updates that address these vulnerabilities. There are no CWE: CWE-20, CWE-20 Bug IDs: CS

CVE-2019-1757 Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability CVE-2019-1757: Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software.

CVE-2018-0485 Cisco IOS and IOS XE Software SM-1T3/E3 Service Module Denial of Service Vulnerability CVE-2018-0485: Cisco IOS and IOS XE Software SM-1T3/E3 Service Module Denial of Service Vulnerability A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resu

CVE-2019-1737 Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability CVE-2019-1737: Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability

CVE-2019-12647 Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability CVE-2019-12647: Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference. An attacker could exploit th

CVE-2016-6384 Cisco IOS and IOS XE Software H.323 Message Validation Denial of Service Vulnerability CVE-2016-6384: Cisco IOS and IOS XE Software H.323 Message Validation Denial of Service Vulnerability A vulnerability in the H.323 subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition on an affected device. The vulnerability is due to a failure to properly validate certain fields in an H.323 protocol suite message

CVE-2017-6740 SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software CVE-2017-6740: SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending

CVE-2020-3200 Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability CVE-2020-3200: Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected b

CVE-2017-6665 Cisco IOS and IOS XE Software Autonomic Control Plane Channel Information Disclosure Vulnerability CVE-2017-6665: Cisco IOS and IOS XE Software Autonomic Control Plane Channel Information Disclosure Vulnerability A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text wi

CVE-2016-6379 Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability CVE-2016-6379: Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability A vulnerability in the IP Detail Record (IPDR) code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload. The vulnerability is due to improper handling of IPDR packets. An attacker could exploit this vulnerability by sending crafted IPDR packets t

CVE-2018-0155 Cisco IOS and IOS XE Software Bidirectional Forwarding Detection Denial of Service Vulnerability CVE-2018-0155: Cisco IOS and IOS XE Software Bidirectional Forwarding Detection Denial of Service Vulnerability A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of ser

CVE-2018-0173 Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability CVE-2018-0173: Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condit

CVE-2017-6736 SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software CVE-2017-6736: SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending