Cisco IOS XE vulnerabilities

CVE-2024-20434 [MEDIUM] CWE-190 CVE-2024-20434: A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected de

CVE-2024-20313 [HIGH] CWE-120 CVE-2024-20313: A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unaut A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of OSPF updates that are processed by a device. An attacker could exploi

CVE-2024-20354 [HIGH] CWE-460 CVE-2024-20354: A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Soft A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit th

CVE-2024-20259 [HIGH] CWE-122 CVE-2024-20259: A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandled when endpoint analytics are enabled. An attacker cou

CVE-2024-20303 [HIGH] CWE-459 CVE-2024-20303: A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LA A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of mDNS client entries. An attacker could exploit this vulnerability by connecting to t

CVE-2024-20271 [HIGH] CWE-20 CVE-2024-20271: A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unaut A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 pac

CVE-2024-20314 [HIGH] CWE-783 CVE-2024-20314: A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IO A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certai

CVE-2024-20307 [HIGH] CWE-121 CVE-2024-20307: A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software coul A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerabili

CVE-2024-20311 [HIGH] CWE-674 CVE-2024-20311: A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to the incorrect handling of LISP packets. An attacker could exploit this vulnerability by sending a crafted LISP packet to

CVE-2024-20312 [HIGH] CWE-476 CVE-2024-20312: A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Soft A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An atta

CVE-2024-20308 [HIGH] CWE-787 CVE-2024-20308: A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software coul A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap underflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerabil

CVE-2024-20306 [MEDIUM] CWE-233 CVE-2024-20306: A vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could A vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying host operating system. To exploit this vulnerability, an attacker must have level 15 privileges on the affected device. This vulnerability is due to insuff

CVE-2024-20324 [MEDIUM] CWE-274 CVE-2024-20324: A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, lo A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and show tech wireless CLI commands to access configuration d

CVE-2024-20278 [MEDIUM] CWE-184 CVE-2024-20278: A vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated, remote A vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input over NETCONF to an affected device. A success

CVE-2024-20309 [MEDIUM] CWE-828 CVE-2024-20309: A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload or stop responding. This vulnerability is due to the incorrect handling of specific ingress traffic when flow control hardware is enabled on the AUX port. An attacker could exploit

CVE-2024-20316 [MEDIUM] CWE-390 CVE-2024-20316: A vulnerability in the data model interface (DMI) services of Cisco IOS XE Software could allow an u A vulnerability in the data model interface (DMI) services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access resources that should have been protected by a configured IPv4 access control list (ACL). This vulnerability is due to improper handling of error conditions when a successfully authorized device administrator

CVE-2023-20246 [MEDIUM] CWE-290 CVE-2023-20246: Multiple Cisco products are affected by a vulnerability in Snort access control policies that could Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability

CVE-2023-20273 [HIGH] CWE-78 CVE-2023-20273: A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inje

CVE-2023-20198 [CRITICAL] CWE-420 CVE-2023-20198: Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gai

CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.