Ios Xe@17.9.1a Security Vulnerabilities and Issues — Ios Xe@17.9.1a CVE List

Lucene search

CiscoIos Xe17.9.1a

8 matches found

CVE•added 2023/10/25 6:17 p.m.•691 views

CVE-2023-20273

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web U...

7.2CVSS8.2AI score0.91786EPSS

In wild

CVE•added 2023/09/27 6:15 p.m.•373 views

CVE-2023-20109

A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...

6.6CVSS7.1AI score0.01331EPSS

In wild

CVE•added 2023/09/27 6:15 p.m.•114 views

CVE-2023-20186

A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Prot...

9.1CVSS9.2AI score0.00089EPSS

CVE•added 2023/09/27 6:15 p.m.•91 views

CVE-2023-20231

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the we...

8.8CVSS9AI score0.00514EPSS

CVE•added 2023/09/27 6:15 p.m.•87 views

CVE-2023-20226

A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to ...

8.6CVSS7.5AI score0.00154EPSS

CVE•added 2023/09/27 6:15 p.m.•79 views

CVE-2023-20187

A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vul...

8.6CVSS7.6AI score0.00412EPSS

CVE•added 2023/03/23 5:15 p.m.•71 views

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of large...

8.6CVSS8.5AI score0.00546EPSS

CVE•added 2023/09/27 6:15 p.m.•71 views

CVE-2023-20202

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this...

6.5CVSS6.5AI score0.0008EPSS