Ios Xe@16.3(1) Security Vulnerabilities and Issues — Ios Xe@16.3(1) CVE List

Lucene search

CiscoIos Xe16.3(1)

4 matches found

CVE•added 2018/03/28 10:29 p.m.•109 views

CVE-2018-0196

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web...

4.9CVSS5.2AI score0.00142EPSS

CVE•added 2018/10/05 2:29 p.m.•99 views

CVE-2018-15371

A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authenti...

7.2CVSS6.7AI score0.00048EPSS

CVE•added 2017/10/19 8:29 a.m.•62 views

CVE-2017-12272

A vulnerability in the web framework code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input validation of some parameter...

6.1CVSS6AI score0.00232EPSS

CVE•added 2018/10/05 2:29 p.m.•52 views

CVE-2018-0470

A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed ...

8.6CVSS8.8AI score0.03955EPSS