Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoIos Xe3.3.0xo

24 matches found

CVE
CVEadded 2020/06/03 6:15 p.m.201 views

CVE-2020-3204

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is d...

7.2CVSS6.9AI score0.00063EPSS
CVE
CVEadded 2023/03/23 5:15 p.m.118 views

CVE-2023-20080

A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could e...

8.6CVSS7.7AI score0.00135EPSS
CVE
CVEadded 2019/03/28 1:29 a.m.112 views

CVE-2019-1761

A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker co...

4.3CVSS4.3AI score0.00074EPSS
CVE
CVEadded 2023/09/27 6:15 p.m.112 views

CVE-2023-20186

A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Prot...

9.1CVSS9.2AI score0.00111EPSS
CVE
CVEadded 2018/10/05 2:29 p.m.110 views

CVE-2018-0197

A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to a log...

6.5CVSS6.5AI score0.00149EPSS
CVE
CVEadded 2016/05/29 10:59 p.m.106 views

CVE-2016-1409

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in ...

7.5CVSS7.1AI score0.04038EPSS
CVE
CVEadded 2019/03/27 11:29 p.m.98 views

CVE-2019-1737

A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is du...

8.6CVSS8.4AI score0.01156EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.98 views

CVE-2020-3228

A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists bec...

8.6CVSS7.3AI score0.01654EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.97 views

CVE-2020-3200

A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which le...

7.7CVSS7.5AI score0.01166EPSS
CVE
CVEadded 2019/03/28 12:29 a.m.95 views

CVE-2019-1746

A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation ...

7.4CVSS6.9AI score0.00145EPSS
CVE
CVEadded 2019/03/28 12:29 a.m.89 views

CVE-2019-1748

A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates....

7.4CVSS7.4AI score0.00421EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.72 views

CVE-2020-3209

A vulnerability in software image verification in Cisco IOS XE Software could allow an unauthenticated, physical attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability is due to an improper check on the area of code that manages...

7.2CVSS6.9AI score0.0045EPSS
CVE
CVEadded 2017/03/22 7:59 p.m.70 views

CVE-2017-3856

A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An ...

7.8CVSS7.5AI score0.00859EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.69 views

CVE-2020-3230

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2...

7.5CVSS7.5AI score0.01961EPSS
CVE
CVEadded 2021/03/24 8:15 p.m.67 views

CVE-2021-1392

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorr...

7.8CVSS7.6AI score0.0003EPSS
CVE
CVEadded 2021/09/23 3:15 a.m.63 views

CVE-2021-34699

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerabi...

7.7CVSS7.4AI score0.00702EPSS
CVE
CVEadded 2024/03/27 5:15 p.m.62 views

CVE-2024-20312

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input va...

7.4CVSS6.8AI score0.00065EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.61 views

CVE-2020-3225

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities...

8.6CVSS8.5AI score0.01945EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.57 views

CVE-2020-3235

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input vali...

7.7CVSS7.3AI score0.00287EPSS
CVE
CVEadded 2017/09/29 1:34 a.m.53 views

CVE-2017-12228

A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient cer...

5.9CVSS5.7AI score0.00323EPSS
CVE
CVEadded 2016/10/05 5:59 p.m.51 views

CVE-2016-6392

Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow remote attackers to cause a denial of service (device restart) via a crafted IPv4 Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message, aka Bug ID CSCud36767.

7.8CVSS7.2AI score0.01028EPSS
CVE
CVEadded 2016/10/05 8:59 p.m.42 views

CVE-2016-6385

Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.

7.8CVSS7.2AI score0.03572EPSS
CVE
CVEadded 2017/04/07 5:59 p.m.40 views

CVE-2017-6606

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. More Information: CSCuz06639 CSCuz42122. Known Affe...

6.9CVSS6.7AI score0.00161EPSS
CVE
CVEadded 2016/04/20 5:59 p.m.39 views

CVE-2016-1384

The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898.

7.5CVSS7.4AI score0.00161EPSS