Cisco IOS XE vulnerabilities
505 known vulnerabilities affecting cisco/ios_xe.
Total CVEs: 505
CISA KEV: 27 (actively exploited)
Public exploits: 8
Exploited in wild: 28
Severity breakdown: CRITICAL 20, HIGH 323, MEDIUM 161, LOW 1
Vulnerabilities
Page 18 of 26
CVE-2017-12230 [HIGH] CVSS 8.8 | CWE-264 | v16.2.1 | 2017-09-29
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incorrect default permission settings for new users who are created by using the web UI of the affected software. An attacker could exploit this vulne
nvd
CVE-2017-12222 [MEDIUM] CVSS 6.5 | CWE-399 | v16.1.1, v16.1.2, +11 more | 2017-09-29
A vulnerability in the wireless controller manager of Cisco IOS XE could allow an unauthenticated, adjacent attacker to cause a restart of the switch and result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted association request. A
nvd
CVE-2017-12228 [MEDIUM] CVSS 5.9 | CWE-20 | ≤ 15.4(3)s, v3.3.0xo, +143 more | 2017-09-29
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An atta
nvd
CVE-2017-12239 [MEDIUM] CVSS 6.8 | CWE-264 | v3.13.0as, v3.13.0s, +72 more | 2017-09-29
A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to access an affected device's operating system. The vulnerability exists because an engineering console port is available on the motherboard o
nvd
CVE-2017-6627 [HIGH] CVSS 7.5 | KEV | CWE-399 | v3.14.0s, v3.14.1s, +34 more | 2017-09-07
A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. The vulnerability is due to Cisco IOS Software application
nvd
CVE-2017-12211 [MEDIUM] CVSS 5.3 | CWE-399 | v3.16.1 | 2017-09-07
A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of the device. The vulnerability is due to IPv6 sub block corruption. An attacker could exploit this vulnerability by polling the affected device IPv6 info
nvd
CVE-2017-6664 [HIGH] CVSS 7.5 | CWE-295 | v3.10.8as, v3.10.8s, +27 more | 2017-08-07
A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked. This vulnerability affected devices that are running Release 16.x of Cisco IOS XE Softw
nvd
CVE-2017-6770 [MEDIUM] CVSS 4.2 | CWE-20 | v3.6.0e, v3.6.1e, +46 more | 2017-08-07
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to t
nvd
CVE-2017-6663 [MEDIUM] CVSS 6.5 | KEV | v3.7.0e, v3.7.1e, +67 more | 2017-08-07
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1.
nvd
CVE-2017-6665 [MEDIUM] CVSS 6.5 | CWE-319 | v3.7.0e, v3.7.1e, +68 more | 2017-08-07
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, an Information Disclosure Vulnerability. More Informatio
nvd
CVE-2017-6736 [HIGH] CVSS 8.8 | KEV | PoC | CWE-119 | ≥ 2.2.0, ≤ 3.17 | 2017-07-17
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected
nvd
CVE-2017-6738 [HIGH] CVSS 8.8 | KEV | CWE-119 | ≥ 2.2.0, ≤ 3.17.0 | 2017-07-17
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected
nvd
CVE-2017-6742 [HIGH] CVSS 8.8 | KEV | CWE-119 | ≥ 2.2.0, ≤ 3.17 | 2017-07-17
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device.
The vulnerability is due to a buffer overflow in the affected code area. The vulnerabili
nvd
CVE-2017-6741 [HIGH] CVSS 8.8 | CWE-119 | v2.2.0, v2.2.1, +110 more | 2017-07-17
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device.
The vulnerability is due to a buffer overflow in the affected code area. The vulnerabili
nvd
CVE-2017-6740 [HIGH] CVSS 8.8 | KEV | CWE-119 | ≥ 2.2.0, ≤ 3.17 | 2017-07-17
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected
nvd
CVE-2017-6739 [HIGH] CVSS 8.8 | KEV | CWE-119 | ≥ 2.2.0, ≤ 3.17.0 | 2017-07-17
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device.
The vulnerability is due to a buffer overflow in the affected code area. The vulnerabili
nvd
CVE-2017-6743 [HIGH] CVSS 8.8 | KEV | CWE-119 | ≥ 2.2.0, ≤ 3.17 | 2017-07-17
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected
nvd
CVE-2017-6737 [HIGH] CVSS 8.8 | KEV | CWE-119 | ≥ 2.2.0, ≤ 3.17.0 | 2017-07-17
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device.
The vulnerability is due to a buffer overflow in the affected code area. The vulnerabili
nvd
CVE-2017-3860 [HIGH] CVSS 8.6 | CWE-119 | v3.2.1sg, v3.2.8sg, +22 more | 2017-04-20
Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafte
nvd
CVE-2017-3861 [HIGH] CVSS 8.6 | CWE-119 | v3.2.1sg, v3.2.8sg, +22 more | 2017-04-20
Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafte
nvd