Product: Ios_xe (Cisco)

Repositories: Unknown. This might be proprietary software.

#Vulnerabilities: 519
Date Id Summary Products Score Patch Annotated
2024-03-27 CVE-2024-20312 A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful... Ios, Ios_xe N/A
2024-03-27 CVE-2024-20308 A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap underflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to... Ios, Ios_xe 7.5
2025-05-07 CVE-2025-20188 A vulnerability in the Out-of-Band Access Point (AP) Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP... Ios_xe N/A
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. Http_server, Opensearch_data_prepper, Apisix, Solr, Tomcat, Traffic_server, Swiftnio_http/2, Caddy, Business_process_automation, Connected_mobile_experiences, Crosswork_data_gateway, Crosswork_situation_manager, Crosswork_zero_touch_provisioning, Data_center_network_manager, Enterprise_chat_and_email, Expressway, Firepower_threat_defense, Fog_director, Ios_xe, Ios_xr, Iot_field_network_director, Nx-Os, Prime_access_registrar, Prime_cable_provisioning, Prime_infrastructure, Prime_network_registrar, Secure_dynamic_attributes_connector, Secure_malware_analytics, Secure_web_appliance_firmware, Telepresence_video_communication_server, Ultra_cloud_core_-_policy_control_function, Ultra_cloud_core_-_serving_gateway_function, Ultra_cloud_core_-_session_management_function, Unified_attendant_console_advanced, Unified_contact_center_domain_manager, Unified_contact_center_enterprise, Unified_contact_center_enterprise_-_live_data_server, Unified_contact_center_management_portal, Debian_linux, H2o, Jetty, Envoy, Big-Ip_access_policy_manager, Big-Ip_advanced_firewall_manager, Big-Ip_advanced_web_application_firewall, Big-Ip_analytics, Big-Ip_application_acceleration_manager, Big-Ip_application_security_manager, Big-Ip_application_visibility_and_reporting, Big-Ip_carrier-Grade_nat, Big-Ip_ddos_hybrid_defender, Big-Ip_domain_name_system, Big-Ip_fraud_protection_service, Big-Ip_global_traffic_manager, Big-Ip_link_controller, Big-Ip_local_traffic_manager, Big-Ip_next, Big-Ip_next_service_proxy_for_kubernetes, Big-Ip_policy_enforcement_manager, Big-Ip_ssl_orchestrator, Big-Ip_webaccelerator, Big-Ip_websafe, Nginx, Nginx_ingress_controller, Nginx_plus, Proxygen, Fedora, Go, Http2, Networking, Grpc, Http, Istio, Jenkins, Http2, Kong_gateway, Armeria, Linkerd, .net, Asp.net_core, Azure_kubernetes_service, Cbl-Mariner, Visual_studio_2022, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Astra_control_center, Oncommand_insight, Netty, Nghttp2, Node.js, Openresty, Contour, 3scale_api_management_platform, Advanced_cluster_management_for_kubernetes, Advanced_cluster_security, Ansible_automation_platform, Build_of_optaplanner, Build_of_quarkus, Ceph_storage, Cert-Manager_operator_for_red_hat_openshift, Certification_for_red_hat_enterprise_linux, Cost_management, Cryostat, Decision_manager, Enterprise_linux, Fence_agents_remediation_operator, Integration_camel_for_spring_boot, Integration_camel_k, Integration_service_registry, Jboss_a-Mq, Jboss_a-Mq_streams, Jboss_core_services, Jboss_data_grid, Jboss_enterprise_application_platform, Jboss_fuse, Logging_subsystem_for_red_hat_openshift, Machine_deletion_remediation_operator, Migration_toolkit_for_applications, Migration_toolkit_for_containers, Migration_toolkit_for_virtualization, Network_observability_operator, Node_healthcheck_operator, Node_maintenance_operator, Openshift, Openshift_api_for_data_protection, Openshift_container_platform, Openshift_container_platform_assisted_installer, Openshift_data_science, Openshift_dev_spaces, Openshift_developer_tools_and_services, Openshift_distributed_tracing, Openshift_gitops, Openshift_pipelines, Openshift_sandboxed_containers, Openshift_secondary_scheduler_operator, Openshift_serverless, Openshift_service_mesh, Openshift_virtualization, Openstack_platform, Process_automation, Quay, Run_once_duration_override_operator, Satellite, Self_node_remediation_operator, Service_interconnect, Service_telemetry_framework, Single_sign-On, Support_for_spring_boot, Web_terminal, Traefik, Varnish_cache 7.5
2022-09-27 CVE-2021-27853 Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. Catalyst_6503-E_firmware, Catalyst_6504-E_firmware, Catalyst_6506-E_firmware, Catalyst_6509-E_firmware, Catalyst_6509-Neb-A_firmware, Catalyst_6509-V-E_firmware, Catalyst_6513-E_firmware, Catalyst_6800ia_firmware, Catalyst_6807-Xl_firmware, Catalyst_6840-X_firmware, Catalyst_6880-X_firmware, Catalyst_c6816-X-Le_firmware, Catalyst_c6824-X-Le-40g_firmware, Catalyst_c6832-X-Le_firmware, Catalyst_c6840-X-Le-40g_firmware, Ios_xe, Meraki_ms210_firmware, Meraki_ms225_firmware, Meraki_ms250_firmware, Meraki_ms350_firmware, Meraki_ms355_firmware, Meraki_ms390_firmware, Meraki_ms410_firmware, Meraki_ms420_firmware, Meraki_ms425_firmware, Meraki_ms450_firmware, N9k-C9316d-Gx_firmware, N9k-C9332d-Gx2b_firmware, N9k-C9348d-Gx2a_firmware, N9k-C93600cd-Gx_firmware, N9k-C9364d-Gx2a_firmware, N9k-X9432c-S_firmware, N9k-X9464px_firmware, N9k-X9464tx2_firmware, N9k-X9564px_firmware, N9k-X9564tx_firmware, N9k-X9636c-R_firmware, N9k-X9636c-Rx_firmware, N9k-X97160yc-Ex_firmware, N9k-X9732c-Ex_firmware, N9k-X9732c-Fx_firmware, N9k-X9736c-Ex_firmware, N9k-X9736c-Fx_firmware, N9k-X9788tc-Fx_firmware, Nexus_92160yc-X_firmware, Nexus_92300yc_firmware, Nexus_92304qc_firmware, Nexus_92348gc-X_firmware, Nexus_9236c_firmware, Nexus_9272q_firmware, Nexus_93108tc-Ex_firmware, Nexus_93108tc-Fx3p_firmware, Nexus_93108tc-Fx_firmware, Nexus_93120tx_firmware, Nexus_93180yc-Ex_firmware, Nexus_93180yc-Fx3_firmware, Nexus_93180yc-Fx_firmware, Nexus_93216tc-Fx2_firmware, Nexus_93240yc-Fx2_firmware, Nexus_9332c_firmware, Nexus_93360yc-Fx2_firmware, Nexus_9336c-Fx2-E_firmware, Nexus_9336c-Fx2_firmware, Nexus_9348gc-Fxp_firmware, Nexus_9364c-Gx_firmware, Nexus_9364c_firmware, Nexus_9432pq_firmware, Nexus_9504_firmware, Nexus_9508_firmware, Nexus_9516_firmware, Nexus_9536pq_firmware, Nexus_9636pq_firmware, Nexus_9716d-Gx_firmware, Nexus_9736pq_firmware, Nexus_9800_firmware, Nexus_x9636q-R_firmware, Sf500-18p_firmware, Sf500-24_firmware, Sf500-24p_firmware, Sf500-48_firmware, Sf500-48mp_firmware, Sf-500-24mp_firmware, Sg500-28_firmware, Sg500-28mpp_firmware, Sg500-28p_firmware, Sg500-52_firmware, Sg500-52mp_firmware, Sg500-52p_firmware, Sg500x-24_firmware, Sg500x-24mpp_firmware, Sg500x-24p_firmware, Sg500x-48_firmware, Sg500x-48mpp_firmware, Sg500x-48p_firmware, Ieee_802.2, P802.1q 4.7
2023-10-16 CVE-2023-20198 Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal... Ios_xe, Allen-Bradley_stratix_5200_firmware, Allen-Bradley_stratix_5800_firmware 10.0
2024-03-27 CVE-2024-20259 A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandled when endpoint analytics are enabled. An attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to... Ios_xe 8.6
2023-09-27 CVE-2023-20109 A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker... Ios, Ios_xe 6.6
2017-08-07 CVE-2017-6663 A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. Ios, Ios_xe 6.5
2017-09-07 CVE-2017-6627 A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. The vulnerability is due to Cisco IOS Software application changes that create UDP sockets and leave the sockets idle without closing them. An attacker could exploit this vulnerability by sending UDP... Ios, Ios_xe 7.5