Ios Xe@16.6.7 Security Vulnerabilities and Issues — Page 2 of Ios Xe@16.6.7 CVE List

Lucene search

CiscoIos Xe16.6.7

65 matches found

CVE•added 2024/09/25 5:15 p.m.•53 views

CVE-2024-20480

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual...

8.6CVSS7.2AI score0.00181EPSS

CVE•added 2025/02/05 5:15 p.m.•53 views

CVE-2025-20170

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00185EPSS

CVE•added 2021/09/23 3:15 a.m.•52 views

CVE-2021-1620

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the cod...

7.7CVSS7.4AI score0.0033EPSS

CVE•added 2024/09/25 5:15 p.m.•52 views

CVE-2024-20414

A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration chan...

6.5CVSS7.1AI score0.00094EPSS

CVE•added 2025/05/07 6:15 p.m.•47 views

CVE-2025-20197

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific config...

8.2CVSS6.6AI score0.00018EPSS

CVE•added 2024/09/25 5:15 p.m.•46 views

CVE-2024-20510

A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list (ACL), which could allow access to network resources before user authentication. T...

9.3CVSS7.2AI score0.00093EPSS

CVE•added 2025/05/07 6:15 p.m.•42 views

CVE-2025-20199

8.2CVSS4.8AI score0.00018EPSS

CVE•added 2025/02/05 5:15 p.m.•41 views

CVE-2025-20171

7.7CVSS7AI score0.00076EPSS

CVE•added 2025/02/05 5:15 p.m.•40 views

CVE-2025-20172

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker co...

7.7CVSS7.1AI score0.00076EPSS

CVE•added 2025/02/05 5:15 p.m.•40 views

CVE-2025-20174

7.7CVSS7.5AI score0.00185EPSS

CVE•added 2025/05/07 6:15 p.m.•40 views

CVE-2025-20198

8.2CVSS4.8AI score0.00018EPSS

CVE•added 2025/02/05 5:15 p.m.•38 views

CVE-2025-20173

7.7CVSS7.5AI score0.00076EPSS

CVE•added 2025/02/05 5:15 p.m.•37 views

CVE-2025-20175

7.7CVSS7.2AI score0.00185EPSS

CVE•added 2025/05/07 6:15 p.m.•37 views

CVE-2025-20200

8.2CVSS6.6AI score0.00018EPSS

CVE•added 2025/05/07 6:15 p.m.•35 views

CVE-2025-20195

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management inte...

4.3CVSS4.9AI score0.00056EPSS

Total number of security vulnerabilities65