cbcvebase.

Cisco IOS and IOS XE vulnerabilities

121 known vulnerabilities affecting cisco/ios_and_ios_xe.

Total CVEs: 121
CISA KEV: 23 (actively exploited)
Public exploits: 3
Exploited in wild: 22
Severity breakdown: UNKNOWN 121

Vulnerabilities

Page 5 of 7
CVE-2022-20919 | UNKNOWN | CVSS 3.1
CVE-2022-20919: Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of
cisco
CVE-2018-0131 | UNKNOWN | CVSS 3.0
CVE-2018-0131: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 RSA-Encrypted Nonces Vulnerability
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. The vulnerability exists because
cisco
CVE-2019-1762 | UNKNOWN | CVSS 3.0
CVE-2019-1762: Cisco IOS and IOS XE Software Information Disclosure Vulnerability
A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. The vulnerability is due to improper memory operations performed at encryption time, when affected software handles configuration updates. An attacker
cisco
CVE-2018-0158 | UNKNOWN | CVSS 3.0 | KEV
CVE-2018-0158: Cisco IOS and IOS XE Software Internet Key Exchange Memory Leak Vulnerability
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect pro
cisco
CVE-2017-3860 | UNKNOWN | CVSS 3.0
CVE-2017-3860: Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities
Multiple vulnerabilities in the EnergyWise module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted Ene
cisco
CVE-2025-20352 | UNKNOWN | CVSS 3.1 | KEV
CVE-2025-20352: Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is r
cisco
CVE-2024-20312 | UNKNOWN | CVSS 3.1
CVE-2024-20312: Cisco IOS and IOS XE Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulne
cisco
CVE-2017-6739 | UNKNOWN | CVSS 3.0 | KEV
CVE-2017-6739: SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending
cisco
CVE-2018-0475 | UNKNOWN | CVSS 3.0
CVE-2018-0475: Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability
A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation when han
cisco
CVE-2021-34705 | UNKNOWN | CVSS 3.1
CVE-2021-34705: Cisco IOS and IOS XE Software FXO Interface Destination Pattern Bypass Vulnerability
A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial s
cisco
CVE-2018-0159 | UNKNOWN | CVSS 3.0 | KEV
CVE-2018-0159: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The
cisco
CVE-2016-6410 | UNKNOWN
CVE-2016-6410: Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability
A vulnerability in the Cisco application-hosting framework (CAF) for Cisco IOS and IOS XE Software with the IOx feature set could allow an authenticated, remote attacker to read arbitrary files on a targeted system. The vulnerability is due to insufficient input validation
cisco
CVE-2017-6743 | UNKNOWN | CVSS 3.0 | KEV
CVE-2017-6743: SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending
cisco
CVE-2017-6663 | UNKNOWN | CVSS 3.0 | KEV
CVE-2017-6663: Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Denial of Service Vulnerability
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability
cisco
CVE-2019-12669 | UNKNOWN | CVSS 3.0
CVE-2019-12669: Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability
A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of a malfor
cisco
CVE-2023-20109 | UNKNOWN | CVSS 3.1 | KEV
CVE-2023-20109: Cisco IOS and IOS XE Software Cisco Group Encrypted Transport VPN Software Out-of-Bounds Write Vulnerability
A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execu
cisco
CVE-2018-0151 | UNKNOWN | CVSS 3.0 | KEV
CVE-2018-0151: Cisco IOS and IOS XE Software Quality of Service Remote Code Execution Vulnerability
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. The vulnerability is due to incorrect bounds check
cisco
CVE-2016-1348 | UNKNOWN
CVE-2016-1348: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability
A vulnerability in the DHCP version 6 (DHCPv6) relay feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 relay messages. An attacker could exploit this vulnerability by sending a craf
cisco
CVE-2024-20307 | UNKNOWN | CVSS 3.1
CVE-2024-20307: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerabilities
Multiple vulnerabilities in the Internet Key Exchange version 1 (IKEv1) fragmentation feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow or corruption on an affected syste
cisco
CVE-2015-6280 | UNKNOWN
CVE-2015-6280: Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability
A vulnerability in the SSH version 2 (SSHv2) protocol implementation of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass user authentication. Successful exploitation could allow the attacker to log in with the privileges of the user or the pr
cisco