Ios Xe@3.11.2ae Security Vulnerabilities and Issues — Ios Xe@3.11.2ae CVE List

Lucene search

CiscoIos Xe3.11.2ae

7 matches found

CVE•added 2023/03/23 5:15 p.m.•118 views

CVE-2023-20080

A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could e...

8.6CVSS7.7AI score0.00135EPSS

CVE•added 2021/03/24 8:15 p.m.•77 views

CVE-2021-1377

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because A...

5.8CVSS5.7AI score0.00544EPSS

CVE•added 2021/03/24 8:15 p.m.•65 views

CVE-2021-1451

A vulnerability in the Easy Virtual Switching System (VSS) feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying Linux operating system of an affe...

9.8CVSS9.5AI score0.00656EPSS

CVE•added 2021/09/23 3:15 a.m.•63 views

CVE-2021-34699

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerabi...

7.7CVSS7.4AI score0.00702EPSS

CVE•added 2021/03/24 8:15 p.m.•60 views

CVE-2021-1391

A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker co...

7.2CVSS5.8AI score0.00041EPSS

CVE•added 2021/03/24 8:15 p.m.•53 views

CVE-2021-1442

A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. The vulnerability is due to insufficient protection of se...

7.8CVSS7.3AI score0.00049EPSS

CVE•added 2021/09/23 3:15 a.m.•52 views

CVE-2021-1620

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the cod...

7.7CVSS7.4AI score0.0033EPSS