Ios Xe Security Vulnerabilities and Issues — Ios Xe CVE List

Lucene search

CiscoIos Xe

23 matches found

CVE•added 2013/08/05 1:22 p.m.•190 views

CVE-2013-0149

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, ...

5.8CVSS6.2AI score0.00937EPSS

CVE•added 2013/03/28 11:55 p.m.•54 views

CVE-2013-1148

The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA ...

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/04/11 10:55 a.m.•53 views

CVE-2013-2779

Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 ...

7.8CVSS6.6AI score0.00427EPSS

CVE•added 2013/03/28 11:55 p.m.•52 views

CVE-2013-1143

The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic en...

7.1CVSS6.8AI score0.00399EPSS

CVE•added 2013/04/11 10:55 a.m.•52 views

CVE-2013-1164

Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka...

7.8CVSS6.6AI score0.00427EPSS

CVE•added 2013/04/11 10:55 a.m.•51 views

CVE-2013-1167

Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation,...

7.1CVSS6.8AI score0.00277EPSS

CVE•added 2013/04/11 10:55 a.m.•48 views

CVE-2013-1166

Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•48 views

CVE-2013-5475

Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561.

7.8CVSS6.8AI score0.00316EPSS

CVE•added 2013/10/10 10:55 a.m.•48 views

CVE-2013-5527

The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030.

5.7CVSS6.8AI score0.00474EPSS

CVE•added 2013/11/29 4:33 a.m.•48 views

CVE-2013-6706

The Cisco Express Forwarding processing module in Cisco IOS XE allows remote attackers to cause a denial of service (device reload) via crafted MPLS packets that are not properly handled during IP header validation, aka Bug ID CSCuj23992.

5.4CVSS6.7AI score0.01745EPSS

CVE•added 2013/04/11 10:55 a.m.•47 views

CVE-2013-1165

Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293.

7.8CVSS6.7AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•47 views

CVE-2013-5478

Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023.

7.8CVSS6.7AI score0.00427EPSS

CVE•added 2013/10/31 9:55 p.m.•47 views

CVE-2013-5543

Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug I...

7.8CVSS7AI score0.00427EPSS

CVE•added 2013/10/31 9:55 p.m.•46 views

CVE-2013-5545

The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/12/03 7:56 p.m.•46 views

CVE-2013-6704

Cisco IOS XE does not properly manage memory for TFTP UDP flows, which allows remote attackers to cause a denial of service (memory consumption) via TFTP (1) client or (2) server traffic, aka Bug IDs CSCuh09324 and CSCty42686.

7.1CVSS7AI score0.00511EPSS

CVE•added 2013/10/31 9:55 p.m.•45 views

CVE-2013-5546

The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509.

7.8CVSS6.9AI score0.00427EPSS

CVE•added 2013/10/31 9:55 p.m.•42 views

CVE-2013-5547

Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269.

7.8CVSS6.9AI score0.00427EPSS

CVE•added 2013/11/22 1:55 a.m.•40 views

CVE-2013-6692

Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949.

6.3CVSS6.4AI score0.00296EPSS

CVE•added 2013/09/27 10:8 a.m.•38 views

CVE-2013-5473

Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•37 views

CVE-2013-5472

The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer rel...

7.1CVSS6.7AI score0.00399EPSS

CVE•added 2013/12/23 10:55 p.m.•36 views

CVE-2013-6979

The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 03.03.xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227.

5.4CVSS7.1AI score0.00325EPSS

CVE•added 2013/12/28 4:53 a.m.•34 views

CVE-2013-6981

Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709.

5.4CVSS6.8AI score0.02018EPSS

CVE•added 2013/12/03 7:56 p.m.•32 views

CVE-2013-6705

The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (IPDT AVL corruption and device reload) via a crafted sequence of ARP packets, aka Bug ID CSCuh38133.

6.1CVSS6.9AI score0.00349EPSS