Cisco IOS XE vulnerabilities

CVE-2021-1436 [MEDIUM] CWE-22 CVE-2021-1436: A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attac A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request

CVE-2021-1434 [MEDIUM] CWE-552 CVE-2021-1434: A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attac A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. This vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific paramete

CVE-2021-1281 [MEDIUM] CWE-399 CVE-2021-1281: A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, loca A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to the way the software handles concurrent CLI sessions. An attacker could exploit this vulnerability by authenticating to the device as an administrative u

CVE-2021-1382 [MEDIUM] CWE-77 CVE-2021-1382: A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attac A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to

CVE-2021-1398 [MEDIUM] CWE-489 CVE-2021-1398: A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attac A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments

CVE-2021-1383 [MEDIUM] CWE-20 CVE-2021-1383: Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, lo Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submi

CVE-2021-1223 [HIGH] CWE-693 CVE-2021-1223: Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could all Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected de

CVE-2021-1236 [MEDIUM] CWE-670 CVE-2021-1236: Multiple Cisco products are affected by a vulnerability in the Snort application detection engine th Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would

CVE-2021-1224 [MEDIUM] CWE-693 CVE-2021-1224: Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjun Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the

CVE-2020-3444 [HIGH] CWE-20 CVE-2020-3444: A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthentic A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristic

CVE-2020-3497 [HIGH] CWE-20 CVE-2020-3497: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient val

CVE-2020-3492 [HIGH] CWE-20 CVE-2020-3492: A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisc A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to i

CVE-2020-3493 [HIGH] CWE-20 CVE-2020-3493: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient val

CVE-2020-3526 [HIGH] CWE-20 CVE-2020-3526: A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cB A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A

CVE-2020-3409 [HIGH] CWE-20 CVE-2020-3409: A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an

CVE-2020-3421 [HIGH] CWE-754 CVE-2020-3421: Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sen

CVE-2020-3509 [HIGH] CWE-388 CVE-2020-3509: A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broad A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are par

CVE-2020-3494 [HIGH] CWE-20 CVE-2020-3494: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient val

CVE-2020-3489 [HIGH] CWE-20 CVE-2020-3489: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient val

CVE-2020-3511 [HIGH] CWE-20 CVE-2020-3511: A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit t