Ios Xe@2.2.1 Security Vulnerabilities and Issues — Ios Xe@2.2.1 CVE List

Lucene search

CiscoIos Xe2.2.1

10 matches found

CVE•added 2015/08/01 1:59 a.m.•55 views

CVE-2015-4291

Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted series of fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCtd72617.

7.8CVSS6.9AI score0.00427EPSS

CVE•added 2015/07/30 2:59 p.m.•45 views

CVE-2015-4293

The packet-reassembly implementation in Cisco IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (CPU consumption or packet loss) via fragmented (1) IPv4 or (2) IPv6 packets that trigger ATTN-3-SYNC_TIMEOUT errors after reassembly failures, aka Bug ID CSCuo37957.

5CVSS6.9AI score0.00474EPSS

CVE•added 2015/08/29 1:59 a.m.•42 views

CVE-2015-6268

Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv4 UDP packet, aka Bug ID CSCsw95482.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2015/09/26 1:59 a.m.•42 views

CVE-2015-6282

Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through 3.15.xS before 3.15.1S allows remote attackers to cause a denial of service (device reload) via IPv4 packets that require NAT and MPLS actions, aka Bug ID CSCut96933.

7.8CVSS6.7AI score0.00411EPSS

CVE•added 2015/08/31 8:59 p.m.•39 views

CVE-2015-6272

Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2015/08/29 1:59 a.m.•39 views

CVE-2015-6273

Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, C...

7.8CVSS7AI score0.00427EPSS

CVE•added 2015/08/29 1:59 a.m.•36 views

CVE-2015-6267

Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted L2TP packet, aka Bug IDs CSCsw95722 and CSCsw95496.

7.8CVSS6.9AI score0.00427EPSS

CVE•added 2015/08/31 8:59 p.m.•35 views

CVE-2015-6270

Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv6 packet, aka Bug ID CSCsv98555.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2015/08/31 8:59 p.m.•34 views

CVE-2015-6269

Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted (1) IPv4 or (2) IPv6 packet, aka Bug ID CSCsw69990.

7.8CVSS6.9AI score0.00427EPSS

CVE•added 2015/08/31 8:59 p.m.•32 views

CVE-2015-6271

Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008.

7.8CVSS6.8AI score0.00427EPSS