Cisco IOS XE vulnerabilities

CVE-2023-20235 [HIGH] CWE-552 CVE-2023-20235: A vulnerability in the on-device application development workflow feature for the Cisco IOx applicat A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docker containers with the privileged runtime option are not

CVE-2023-20186 [CRITICAL] CWE-285 CVE-2023-20186: A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Soft A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Protocol (SCP). This vulnerability is due to incorrect

CVE-2023-20231 [HIGH] CWE-78 CVE-2023-20231: A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to

CVE-2023-20033 [HIGH] CWE-770 CVE-2023-20033: A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches c A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper resource management when processing traffic that is received on th

CVE-2023-20227 [HIGH] CWE-388 CVE-2023-20227: A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allo A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packet

CVE-2023-20226 [HIGH] CWE-456 CVE-2023-20226: A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Ci A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the

CVE-2023-20187 [HIGH] CWE-823 CVE-2023-20187: A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software fo A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect handling of certain IPv

CVE-2023-20109 [MEDIUM] CWE-787 CVE-2023-20109: A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software a A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability is due to i

CVE-2023-20202 [MEDIUM] CWE-789 CVE-2023-20202: A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network request

CVE-2023-20029 [HIGH] CWE-122 CVE-2023-20029: A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticat A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attacker could exploit this vulnerability by modifying the Mer

CVE-2023-20080 [HIGH] CWE-129 CVE-2023-20080: A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS X A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 me

CVE-2023-20072 [HIGH] CWE-20 CVE-2023-20072: A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Softwa A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of large fragmented tunnel protocol packets. One example of a t

CVE-2023-20027 [HIGH] CWE-416 CVE-2023-20027: A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper reassembly of large packets that occurs when VFR is enabled on either a tunnel

CVE-2023-20065 [HIGH] CWE-284 CVE-2023-20065: A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Ci

CVE-2023-20066 [MEDIUM] CWE-23 CVE-2023-20066: A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted requ

CVE-2023-20097 [MEDIUM] CWE-77 CVE-2023-20097: A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller

CVE-2023-20056 [MEDIUM] CWE-78 CVE-2023-20056: A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticat A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a devi

CVE-2023-20100 [MEDIUM] CWE-694 CVE-2023-20100: A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic erro

CVE-2023-20082 [MEDIUM] CWE-78 CVE-2023-20082: A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an auth A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to errors that occur when retrieving th

CVE-2023-20081 [MEDIUM] CWE-122 CVE-2023-20081: A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) S A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insu