Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoIos Xe17.6.5a

33 matches found

CVE
CVEadded 2023/09/27 6:15 p.m.348 views

CVE-2023-20109

A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...

6.6CVSS7.1AI score0.00879EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.142 views

CVE-2024-20433

A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a bu...

8.6CVSS7.6AI score0.00318EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.84 views

CVE-2024-20437

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for ...

8.8CVSS7.7AI score0.0027EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.80 views

CVE-2025-20169

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00185EPSS
CVE
CVEadded 2024/04/24 9:15 p.m.77 views

CVE-2024-20313

A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of OSPF updates th...

7.4CVSS6.9AI score0.00039EPSS
CVE
CVEadded 2024/03/27 6:15 p.m.66 views

CVE-2024-20308

A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap underflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly ...

8.6CVSS7.2AI score0.00992EPSS
CVE
CVEadded 2024/03/27 5:15 p.m.62 views

CVE-2024-20312

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input va...

7.4CVSS6.8AI score0.00065EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.61 views

CVE-2025-20176

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7.2AI score0.00076EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.59 views

CVE-2024-20436

A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a null pointer dereference when accessin...

8.6CVSS7.1AI score0.00484EPSS
CVE
CVEadded 2024/03/27 5:15 p.m.58 views

CVE-2024-20259

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandle...

8.6CVSS7.1AI score0.00568EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.55 views

CVE-2024-20434

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vuln...

4.3CVSS7AI score0.00064EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.53 views

CVE-2024-20480

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual...

8.6CVSS7.2AI score0.00181EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.53 views

CVE-2025-20170

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00185EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.52 views

CVE-2024-20414

A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration chan...

6.5CVSS7.1AI score0.00094EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.51 views

CVE-2024-20455

A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exist...

8.6CVSS7.1AI score0.00412EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.47 views

CVE-2025-20197

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific config...

8.2CVSS6.6AI score0.00018EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.46 views

CVE-2024-20510

A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list (ACL), which could allow access to network resources before user authentication. T...

9.3CVSS7.2AI score0.00093EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.45 views

CVE-2025-20202

A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of access point (AP) Cisco Discovery Protocol (CDP) neighbor ...

7.4CVSS7.3AI score0.00021EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.43 views

CVE-2025-20194

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerab...

5.4CVSS5.5AI score0.00053EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.43 views

CVE-2025-20196

A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition. This vulnerab...

5.3CVSS5.4AI score0.00062EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.42 views

CVE-2025-20199

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific config...

8.2CVSS4.8AI score0.00018EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.41 views

CVE-2025-20171

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00076EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.40 views

CVE-2025-20172

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker co...

7.7CVSS7.1AI score0.00076EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.40 views

CVE-2025-20174

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7.5AI score0.00185EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.40 views

CVE-2025-20198

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific config...

8.2CVSS4.8AI score0.00018EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.40 views

CVE-2025-20221

A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters. This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vu...

9.1CVSS5.3AI score0.00019EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.38 views

CVE-2025-20173

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7.5AI score0.00076EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.38 views

CVE-2025-20186

A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to ins...

8.8CVSS9.2AI score0.00434EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.37 views

CVE-2025-20162

A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interface queue wedge, which could result in a denial of service (DoS) condition. This vulnerability is due to improper handling of DHCP request packets. An...

8.6CVSS8.7AI score0.00159EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.37 views

CVE-2025-20175

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7.2AI score0.00185EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.37 views

CVE-2025-20200

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific config...

8.2CVSS6.6AI score0.00018EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.35 views

CVE-2025-20193

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnera...

6.5CVSS6.5AI score0.0006EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.35 views

CVE-2025-20195

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management inte...

4.3CVSS4.9AI score0.00056EPSS