Cisco IOS XE vulnerabilities

CVE-2021-1622 [HIGH] CWE-833 CVE-2021-1622: A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Co A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under cert

CVE-2021-1565 [HIGH] CWE-415 CVE-2021-1565: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient vali

CVE-2021-1611 [HIGH] CWE-399 CVE-2021-1611: A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller S A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800 Family Wireless Controller, Embedded Wireless Controller, and Embedded Wireless on Catalyst 9000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affecte

CVE-2021-34697 [HIGH] CWE-665 CVE-2021-34697: A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct denial of service (DoS) attacks to or through the affected device. This vulnerability is due to incorrect programming of the half-opened connections limit, TCP SYN flood limit, or T

CVE-2021-34769 [HIGH] CWE-415 CVE-2021-34769: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient va

CVE-2021-1620 [HIGH] CWE-563 CVE-2021-1620: A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certai

CVE-2021-1616 [MEDIUM] CWE-693 CVE-2021-1616: A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data validation of traffic that is traversing the ALG. An attacker could exploit this vulnerability by s

CVE-2021-34703 [MEDIUM] CWE-456 CVE-2021-34703: A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability

CVE-2021-34723 [MEDIUM] CWE-668 CVE-2021-34723: A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command parameters. An attacker could exploit this vulnerability by i

CVE-2021-1625 [MEDIUM] CWE-284 CVE-2021-1625: A vulnerability in the Zone-Based Policy Firewall feature of Cisco IOS XE Software could allow an un A vulnerability in the Zone-Based Policy Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent the Zone-Based Policy Firewall from correctly classifying traffic. This vulnerability exists because ICMP and UDP responder-to-initiator flows are not inspected when the Zone-Based Policy Firewall has either Uni

CVE-2021-34705 [MEDIUM] CWE-232 CVE-2021-34705: A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cis A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces.

CVE-2021-34729 [MEDIUM] CWE-77 CVE-2021-34729: A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by

CVE-2021-34696 [MEDIUM] CWE-284 CVE-2021-34696: A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Agg A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. An attacker

CVE-2021-1495 [MEDIUM] CWE-755 CVE-2021-1495: Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could all Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through a

CVE-2021-1451 [CRITICAL] CWE-119 CVE-2021-1451: A vulnerability in the Easy Virtual Switching System (VSS) feature of Cisco IOS XE Software for Cisc A vulnerability in the Easy Virtual Switching System (VSS) feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying Linux operating system of an affected device. The vulnerability is due to incorrect b

CVE-2021-1432 [HIGH] CWE-20 CVE-2021-1432: A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attac A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of

CVE-2021-1403 [HIGH] CWE-345 CVE-2021-1403: A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated, remot A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site WebSocket hijacking (CSWSH) attack and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient HTTP protections in the web UI on an affected device. An attacker could ex

CVE-2021-1446 [HIGH] CWE-754 CVE-2021-1446: A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Tra A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected device inspects certain DNS packets. An attacker could ex

CVE-2021-1392 [HIGH] CWE-522 CVE-2021-1392: A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip securit

CVE-2021-1443 [HIGH] CWE-77 CVE-2021-1443: A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are parsed from a specific configuration file. An attacker cou