Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoIos Xe3.8.0e

54 matches found

CVE
CVEadded 2017/08/07 6:29 a.m.982 views

CVE-2017-6663

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affec...

6.5CVSS6.2AI score0.01486EPSS
CVE
CVEadded 2023/09/27 6:15 p.m.345 views

CVE-2023-20109

A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...

6.6CVSS7.1AI score0.00879EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.201 views

CVE-2020-3204

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is d...

7.2CVSS6.9AI score0.00063EPSS
CVE
CVEadded 2017/08/07 6:29 a.m.148 views

CVE-2017-6770

Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerabili...

4.2CVSS3.5AI score0.00583EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.142 views

CVE-2024-20433

A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a bu...

8.6CVSS7.6AI score0.00318EPSS
CVE
CVEadded 2023/03/23 5:15 p.m.118 views

CVE-2023-20080

A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could e...

8.6CVSS7.7AI score0.00135EPSS
CVE
CVEadded 2019/03/28 1:29 a.m.112 views

CVE-2019-1761

A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker co...

4.3CVSS4.3AI score0.00074EPSS
CVE
CVEadded 2023/09/27 6:15 p.m.112 views

CVE-2023-20186

A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Prot...

9.1CVSS9.2AI score0.00111EPSS
CVE
CVEadded 2018/10/05 2:29 p.m.110 views

CVE-2018-0197

A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to a log...

6.5CVSS6.5AI score0.00149EPSS
CVE
CVEadded 2016/05/29 10:59 p.m.106 views

CVE-2016-1409

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in ...

7.5CVSS7.1AI score0.04038EPSS
CVE
CVEadded 2019/03/27 11:29 p.m.98 views

CVE-2019-1737

A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is du...

8.6CVSS8.4AI score0.01156EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.98 views

CVE-2020-3228

A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists bec...

8.6CVSS7.3AI score0.01654EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.97 views

CVE-2020-3200

A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which le...

7.7CVSS7.5AI score0.01166EPSS
CVE
CVEadded 2019/03/28 12:29 a.m.95 views

CVE-2019-1746

A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation ...

7.4CVSS6.9AI score0.00145EPSS
CVE
CVEadded 2017/04/20 10:59 p.m.91 views

CVE-2017-3861

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. The...

8.6CVSS8.8AI score0.00683EPSS
CVE
CVEadded 2019/03/28 12:29 a.m.89 views

CVE-2019-1748

A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates....

7.4CVSS7.4AI score0.00421EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.80 views

CVE-2025-20169

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00185EPSS
CVE
CVEadded 2016/10/05 8:59 p.m.75 views

CVE-2016-6380

The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532.

8.3CVSS7.8AI score0.02265EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.72 views

CVE-2020-3209

A vulnerability in software image verification in Cisco IOS XE Software could allow an unauthenticated, physical attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability is due to an improper check on the area of code that manages...

7.2CVSS6.9AI score0.0045EPSS
CVE
CVEadded 2017/03/22 7:59 p.m.70 views

CVE-2017-3856

A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An ...

7.8CVSS7.5AI score0.00859EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.69 views

CVE-2020-3230

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2...

7.5CVSS7.5AI score0.01961EPSS
CVE
CVEadded 2019/03/28 12:29 a.m.67 views

CVE-2019-1750

A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco Discovery Protocol (CDP...

7.4CVSS7.4AI score0.00145EPSS
CVE
CVEadded 2024/03/27 6:15 p.m.66 views

CVE-2024-20308

A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap underflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly ...

8.6CVSS7.2AI score0.00992EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.65 views

CVE-2020-3217

A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition ...

8.8CVSS9AI score0.00244EPSS
CVE
CVEadded 2021/03/24 8:15 p.m.65 views

CVE-2021-1451

A vulnerability in the Easy Virtual Switching System (VSS) feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying Linux operating system of an affe...

9.8CVSS9.5AI score0.00656EPSS
CVE
CVEadded 2017/08/07 6:29 a.m.63 views

CVE-2017-6665

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, a...

6.5CVSS6.2AI score0.00098EPSS
CVE
CVEadded 2021/09/23 3:15 a.m.63 views

CVE-2021-34699

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerabi...

7.7CVSS7.4AI score0.00702EPSS
CVE
CVEadded 2024/03/27 5:15 p.m.62 views

CVE-2024-20312

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input va...

7.4CVSS6.8AI score0.00065EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.61 views

CVE-2025-20176

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7.2AI score0.00076EPSS
CVE
CVEadded 2017/04/20 10:59 p.m.60 views

CVE-2017-3860

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. The...

8.6CVSS8.8AI score0.00683EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.58 views

CVE-2020-3215

A vulnerability in the Virtual Services Container of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. The vulnerability is due to insufficient validation of a user-supplied open virtual appliance (OVA). An attacker could exploit...

7.2CVSS6.5AI score0.00059EPSS
CVE
CVEadded 2016/10/05 5:59 p.m.57 views

CVE-2016-6381

Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka Bug ID CSCuy47382.

7.5CVSS7.3AI score0.0126EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.57 views

CVE-2020-3235

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input vali...

7.7CVSS7.3AI score0.00287EPSS
CVE
CVEadded 2017/09/29 1:34 a.m.53 views

CVE-2017-12228

A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient cer...

5.9CVSS5.7AI score0.00323EPSS
CVE
CVEadded 2021/03/24 8:15 p.m.53 views

CVE-2021-1442

A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. The vulnerability is due to insufficient protection of se...

7.8CVSS7.3AI score0.00049EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.53 views

CVE-2025-20170

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00185EPSS
CVE
CVEadded 2017/04/20 10:59 p.m.52 views

CVE-2017-3863

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. The...

8.6CVSS8.8AI score0.00683EPSS
CVE
CVEadded 2021/09/23 3:15 a.m.52 views

CVE-2021-1620

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the cod...

7.7CVSS7.4AI score0.0033EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.52 views

CVE-2024-20414

A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration chan...

6.5CVSS7.1AI score0.00094EPSS
CVE
CVEadded 2016/10/05 5:59 p.m.49 views

CVE-2016-6382

Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399.

7.8CVSS7.2AI score0.06259EPSS
CVE
CVEadded 2017/04/20 10:59 p.m.48 views

CVE-2017-3862

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. The...

8.6CVSS8.8AI score0.00683EPSS
CVE
CVEadded 2017/03/21 4:59 p.m.46 views

CVE-2017-3850

A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplet...

7.1CVSS5.8AI score0.00395EPSS
CVE
CVEadded 2016/10/05 8:59 p.m.42 views

CVE-2016-6385

Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.

7.8CVSS7.2AI score0.03572EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.42 views

CVE-2025-20199

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific config...

8.2CVSS4.8AI score0.00018EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.41 views

CVE-2025-20171

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00076EPSS
CVE
CVEadded 2017/04/07 5:59 p.m.40 views

CVE-2017-6606

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. More Information: CSCuz06639 CSCuz42122. Known Affe...

6.9CVSS6.7AI score0.00161EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.40 views

CVE-2025-20172

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker co...

7.7CVSS7.1AI score0.00076EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.40 views

CVE-2025-20198

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific config...

8.2CVSS4.8AI score0.00018EPSS
CVE
CVEadded 2016/04/20 5:59 p.m.39 views

CVE-2016-1384

The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898.

7.5CVSS7.4AI score0.00303EPSS
CVE
CVEadded 2017/03/21 4:59 p.m.39 views

CVE-2017-3849

A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vul...

7.4CVSS7.3AI score0.00126EPSS
Total number of security vulnerabilities54