Cisco Ios And Ios Xe vulnerabilities

CVE-2016-1459 Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability CVE-2016-1459: Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability A vulnerability in Border Gateway Protocol (BGP) message processing functions of Cisco IOS and IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of crafted BGP at

CVE-2019-1738 Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities CVE-2019-1738: Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities Multiple vulnerabilities in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. These vulnerabilities are due to a parsing issu

CVE-2019-12654 Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability CVE-2019-12654: Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sa

CVE-2016-1344 Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability CVE-2016-1344: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability A vulnerability in the Internet Key Exchange (IKE) version 2 (v2) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to an improper handlin

CVE-2016-1349 Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability CVE-2016-1349: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability The Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of image list parameters. An attacker could exploit this vul

CVE-2018-0282 Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability CVE-2018-0282: Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the transmission control block (TCB) state. While this vulnerability potentially affects all TCP applicat

CVE-2020-3409 Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability CVE-2020-3409: Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET

CVE-2025-20151 Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability CVE-2025-20151: Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized

CVE-2017-12237 Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability CVE-2017-12237: Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition.

CVE-2017-3862 Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities CVE-2017-3862: Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities Multiple vulnerabilities in the EnergyWise module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted Ene

CVE-2020-3235 Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability CVE-2020-3235: Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to i

CVE-2023-20186 Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability CVE-2023-20186: Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Protocol (SCP). This vulnera

CVE-2018-15369 Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability CVE-2018-15369: Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of crafted TACACS+ response packets

CVE-2016-6381 Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability CVE-2016-6381: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected system. The vulnerabi

CVE-2016-6393 Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability CVE-2016-6393: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability A vulnerability in the Authentication, Authorization, and Accounting (AAA) service for remote Secure Shell Host (SSH) connections to the device for Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the vulnerable device to reload. The vulnerability is due to an error log message when a rem

CVE-2016-6382 Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities CVE-2016-6382: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities Multiple vulnerabilities in the multicast subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The issues are in IPv4 Multicast Source Discovery Protocol (MSDP) and IPv6 Protocol Independent Multicast (PIM). The first vuln

CVE-2019-1761 Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability CVE-2019-1761: Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attac

CVE-2018-15377 Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability CVE-2018-15377: Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient input validation by th

CVE-2021-34699 Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability CVE-2021-34699: Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability

CVE-2017-3861 Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities CVE-2017-3861: Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities Multiple vulnerabilities in the EnergyWise module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted Ene