Ios Xe@16.2.1 Security Vulnerabilities and Issues — Page 2 of Ios Xe@16.2.1 CVE List

Lucene search

CiscoIos Xe16.2.1

70 matches found

CVE•added 2024/09/25 5:15 p.m.•53 views

CVE-2024-20480

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual...

8.6CVSS7.2AI score0.00181EPSS

CVE•added 2025/02/05 5:15 p.m.•53 views

CVE-2025-20170

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00185EPSS

CVE•added 2021/09/23 3:15 a.m.•52 views

CVE-2021-1620

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the cod...

7.7CVSS7.4AI score0.0033EPSS

CVE•added 2024/09/25 5:15 p.m.•52 views

CVE-2024-20414

A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration chan...

6.5CVSS7.1AI score0.00094EPSS

CVE•added 2017/03/22 7:59 p.m.•49 views

CVE-2017-3858

A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of HTTP parameters supplied by the user. An attacker could explo...

9CVSS8.8AI score0.00665EPSS

CVE•added 2020/06/03 6:15 p.m.•48 views

CVE-2020-3203

A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. ...

8.6CVSS8.5AI score0.00756EPSS

CVE•added 2025/05/07 6:15 p.m.•47 views

CVE-2025-20197

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific config...

8.2CVSS6.6AI score0.00018EPSS

CVE•added 2025/05/07 6:15 p.m.•43 views

CVE-2025-20196

A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition. This vulnerab...

5.3CVSS5.4AI score0.00062EPSS

CVE•added 2025/05/07 6:15 p.m.•42 views

CVE-2025-20199

8.2CVSS4.8AI score0.00018EPSS

CVE•added 2025/02/05 5:15 p.m.•41 views

CVE-2025-20171

7.7CVSS7AI score0.00076EPSS

CVE•added 2017/04/07 5:59 p.m.•40 views

CVE-2017-6606

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. More Information: CSCuz06639 CSCuz42122. Known Affe...

6.9CVSS6.7AI score0.00161EPSS

CVE•added 2025/02/05 5:15 p.m.•40 views

CVE-2025-20172

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker co...

7.7CVSS7.1AI score0.00076EPSS

CVE•added 2025/02/05 5:15 p.m.•40 views

CVE-2025-20174

7.7CVSS7.5AI score0.00185EPSS

CVE•added 2025/05/07 6:15 p.m.•40 views

CVE-2025-20198

8.2CVSS4.8AI score0.00018EPSS

CVE•added 2025/02/05 5:15 p.m.•38 views

CVE-2025-20173

7.7CVSS7.5AI score0.00076EPSS

CVE•added 2025/02/05 5:15 p.m.•37 views

CVE-2025-20175

7.7CVSS7.2AI score0.00185EPSS

CVE•added 2025/05/07 6:15 p.m.•37 views

CVE-2025-20200

8.2CVSS6.6AI score0.00018EPSS

CVE•added 2016/10/05 8:59 p.m.•36 views

CVE-2016-6378

Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853.

7.8CVSS7.4AI score0.00743EPSS

CVE•added 2025/05/07 6:15 p.m.•35 views

CVE-2025-20195

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management inte...

4.3CVSS4.9AI score0.00056EPSS

CVE•added 2016/11/19 3:2 a.m.•33 views

CVE-2016-6450

A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. This vulnerability affects the following products if they are running a vulnerable release of Cisco IOS XE Sof...

2.5CVSS3.9AI score0.00063EPSS

Total number of security vulnerabilities70