Ios Xe Security Vulnerabilities and Issues — Ios Xe CVE List

Lucene search

CiscoIos Xe

8 matches found

CVE•added 2017/03/17 10:59 p.m.•1142 views

CVE-2017-3881

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes T...

10CVSS9.7AI score0.94083EPSS

In wild

CVE•added 2017/03/22 7:59 p.m.•90 views

CVE-2017-3857

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient valida...

7.8CVSS7.5AI score0.01141EPSS

CVE•added 2017/03/22 7:59 p.m.•70 views

CVE-2017-3856

A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An ...

7.8CVSS7.5AI score0.00859EPSS

CVE•added 2017/03/22 7:59 p.m.•67 views

CVE-2017-3859

A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DH...

7.8CVSS7.6AI score0.00344EPSS

CVE•added 2017/03/22 7:59 p.m.•62 views

CVE-2017-3864

A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. A...

8.6CVSS8.3AI score0.01125EPSS

CVE•added 2017/03/22 7:59 p.m.•49 views

CVE-2017-3858

A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of HTTP parameters supplied by the user. An attacker could explo...

9CVSS8.8AI score0.00665EPSS

CVE•added 2017/03/21 4:59 p.m.•46 views

CVE-2017-3850

A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplet...

7.1CVSS5.8AI score0.00395EPSS

CVE•added 2017/03/21 4:59 p.m.•39 views

CVE-2017-3849

A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vul...

7.4CVSS7.3AI score0.00126EPSS