Ios Xe Security Vulnerabilities and Issues — Ios Xe CVE List

Lucene search

CiscoIos Xe

24 matches found

CVE•added 2014/09/25 10:55 a.m.•60 views

CVE-2014-3355

The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCug75942.

7.8CVSS6.6AI score0.01092EPSS

CVE•added 2014/03/27 9:55 p.m.•57 views

CVE-2014-2108

Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.

7.8CVSS6.5AI score0.01104EPSS

CVE•added 2014/11/07 11:55 a.m.•51 views

CVE-2014-7990

Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815.

6.8CVSS6.6AI score0.00084EPSS

CVE•added 2014/03/27 9:55 p.m.•49 views

CVE-2014-2106

Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898.

7.8CVSS6.6AI score0.01696EPSS

CVE•added 2014/07/09 11:7 a.m.•49 views

CVE-2014-3309

The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.

5CVSS6.9AI score0.0021EPSS

CVE•added 2014/09/25 10:55 a.m.•48 views

CVE-2014-3356

7.8CVSS4.1AI score0.0191EPSS

CVE•added 2014/10/25 10:55 a.m.•48 views

CVE-2014-3409

The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.

6.1CVSS6.8AI score0.01488EPSS

CVE•added 2014/04/24 10:55 a.m.•46 views

CVE-2012-5723

Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

6.1CVSS7AI score0.00182EPSS

CVE•added 2014/05/16 11:12 a.m.•45 views

CVE-2014-3262

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782...

4.3CVSS6.7AI score0.00643EPSS

CVE•added 2014/05/25 10:55 p.m.•45 views

CVE-2014-3284

Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.

6.1CVSS6.8AI score0.0067EPSS

CVE•added 2014/09/25 10:55 a.m.•45 views

CVE-2014-3354

Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP ...

7.8CVSS6.6AI score0.02904EPSS

CVE•added 2014/09/25 10:55 a.m.•45 views

CVE-2014-3359

Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka B...

7.8CVSS6.7AI score0.01092EPSS

CVE•added 2014/10/10 1:55 a.m.•45 views

CVE-2014-3404

The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677.

4.3CVSS6.8AI score0.00131EPSS

CVE•added 2014/08/11 10:55 p.m.•43 views

CVE-2014-3327

The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101.

7.8CVSS6.6AI score0.01451EPSS

CVE•added 2014/09/25 10:55 a.m.•42 views

CVE-2014-3357

Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866.

7.8CVSS6.8AI score0.00898EPSS

CVE•added 2014/09/25 10:55 a.m.•42 views

CVE-2014-3360

Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CS...

7.8CVSS6.6AI score0.0191EPSS

CVE•added 2014/05/20 11:13 a.m.•39 views

CVE-2014-3269

The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204.

6.8CVSS6.3AI score0.00316EPSS

CVE•added 2014/10/10 1:55 a.m.•39 views

CVE-2014-3405

Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on a...

4.8CVSS6.9AI score0.00196EPSS

CVE•added 2014/03/27 9:55 p.m.•38 views

CVE-2014-2113

Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.

7.8CVSS6.5AI score0.01104EPSS

CVE•added 2014/04/04 3:10 p.m.•38 views

CVE-2014-2143

The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021.

5CVSS6.7AI score0.00412EPSS

CVE•added 2014/09/25 10:55 a.m.•38 views

CVE-2014-3358

Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS pa...

7.8CVSS6.8AI score0.00898EPSS

CVE•added 2014/10/10 1:55 a.m.•38 views

CVE-2014-3403

The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647.

5CVSS6.9AI score0.00131EPSS

CVE•added 2014/06/14 11:18 a.m.•37 views

CVE-2014-3290

The mDNS implementation in Cisco IOS XE 3.12S does not properly interact with autonomic networking, which allows remote attackers to obtain sensitive networking-services information by sniffing the network or overwrite networking-services data via a crafted mDNS response, aka Bug ID CSCun64867.

4.8CVSS6.2AI score0.0056EPSS

CVE•added 2014/04/29 10:37 a.m.•36 views

CVE-2014-2183

The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.

6.3CVSS6.4AI score0.00296EPSS