Ios_xe - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Ios_xe
(Cisco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	519

Date	Id	Summary	Products	Score	Patch	Annotated
2025-02-05	CVE-2025-20173	A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS...	Ios, Ios_xe	N/A
2025-02-05	CVE-2025-20176	A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS...	Ios, Ios_xe	N/A
2025-02-05	CVE-2025-20174	A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS...	Ios, Ios_xe	7.7
2024-03-27	CVE-2024-20312	A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful...	Ios, Ios_xe	N/A
2024-03-27	CVE-2024-20308	A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap underflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to...	Ios, Ios_xe	7.5
2025-05-07	CVE-2025-20188	A vulnerability in the Out-of-Band Access Point (AP) Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP...	Ios_xe	N/A
2023-10-10	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.	Http_server, Opensearch_data_prepper, Apisix, Solr, Tomcat, Traffic_server, Swiftnio_http\/2, Caddy, Business_process_automation, Connected_mobile_experiences, Crosswork_data_gateway, Crosswork_situation_manager, Crosswork_zero_touch_provisioning, Data_center_network_manager, Enterprise_chat_and_email, Expressway, Firepower_threat_defense, Fog_director, Ios_xe, Ios_xr, Iot_field_network_director, Nx\-Os, Prime_access_registrar, Prime_cable_provisioning, Prime_infrastructure, Prime_network_registrar, Secure_dynamic_attributes_connector, Secure_malware_analytics, Secure_web_appliance_firmware, Telepresence_video_communication_server, Ultra_cloud_core_\-_policy_control_function, Ultra_cloud_core_\-_serving_gateway_function, Ultra_cloud_core_\-_session_management_function, Unified_attendant_console_advanced, Unified_contact_center_domain_manager, Unified_contact_center_enterprise, Unified_contact_center_enterprise_\-_live_data_server, Unified_contact_center_management_portal, Debian_linux, H2o, Jetty, Envoy, Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_advanced_web_application_firewall, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_application_visibility_and_reporting, Big\-Ip_carrier\-Grade_nat, Big\-Ip_ddos_hybrid_defender, Big\-Ip_domain_name_system, Big\-Ip_fraud_protection_service, Big\-Ip_global_traffic_manager, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_next, Big\-Ip_next_service_proxy_for_kubernetes, Big\-Ip_policy_enforcement_manager, Big\-Ip_ssl_orchestrator, Big\-Ip_webaccelerator, Big\-Ip_websafe, Nginx, Nginx_ingress_controller, Nginx_plus, Proxygen, Fedora, Go, Http2, Networking, Grpc, Http, Istio, Jenkins, Http2, Kong_gateway, Armeria, Linkerd, \.net, Asp\.net_core, Azure_kubernetes_service, Cbl\-Mariner, Visual_studio_2022, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Astra_control_center, Oncommand_insight, Netty, Nghttp2, Node\.js, Openresty, Contour, 3scale_api_management_platform, Advanced_cluster_management_for_kubernetes, Advanced_cluster_security, Ansible_automation_platform, Build_of_optaplanner, Build_of_quarkus, Ceph_storage, Cert\-Manager_operator_for_red_hat_openshift, Certification_for_red_hat_enterprise_linux, Cost_management, Cryostat, Decision_manager, Enterprise_linux, Fence_agents_remediation_operator, Integration_camel_for_spring_boot, Integration_camel_k, Integration_service_registry, Jboss_a\-Mq, Jboss_a\-Mq_streams, Jboss_core_services, Jboss_data_grid, Jboss_enterprise_application_platform, Jboss_fuse, Logging_subsystem_for_red_hat_openshift, Machine_deletion_remediation_operator, Migration_toolkit_for_applications, Migration_toolkit_for_containers, Migration_toolkit_for_virtualization, Network_observability_operator, Node_healthcheck_operator, Node_maintenance_operator, Openshift, Openshift_api_for_data_protection, Openshift_container_platform, Openshift_container_platform_assisted_installer, Openshift_data_science, Openshift_dev_spaces, Openshift_developer_tools_and_services, Openshift_distributed_tracing, Openshift_gitops, Openshift_pipelines, Openshift_sandboxed_containers, Openshift_secondary_scheduler_operator, Openshift_serverless, Openshift_service_mesh, Openshift_virtualization, Openstack_platform, Process_automation, Quay, Run_once_duration_override_operator, Satellite, Self_node_remediation_operator, Service_interconnect, Service_telemetry_framework, Single_sign\-On, Support_for_spring_boot, Web_terminal, Traefik, Varnish_cache	7.5
2022-09-27	CVE-2021-27853	Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.	Catalyst_6503\-E_firmware, Catalyst_6504\-E_firmware, Catalyst_6506\-E_firmware, Catalyst_6509\-E_firmware, Catalyst_6509\-Neb\-A_firmware, Catalyst_6509\-V\-E_firmware, Catalyst_6513\-E_firmware, Catalyst_6800ia_firmware, Catalyst_6807\-Xl_firmware, Catalyst_6840\-X_firmware, Catalyst_6880\-X_firmware, Catalyst_c6816\-X\-Le_firmware, Catalyst_c6824\-X\-Le\-40g_firmware, Catalyst_c6832\-X\-Le_firmware, Catalyst_c6840\-X\-Le\-40g_firmware, Ios_xe, Meraki_ms210_firmware, Meraki_ms225_firmware, Meraki_ms250_firmware, Meraki_ms350_firmware, Meraki_ms355_firmware, Meraki_ms390_firmware, Meraki_ms410_firmware, Meraki_ms420_firmware, Meraki_ms425_firmware, Meraki_ms450_firmware, N9k\-C9316d\-Gx_firmware, N9k\-C9332d\-Gx2b_firmware, N9k\-C9348d\-Gx2a_firmware, N9k\-C93600cd\-Gx_firmware, N9k\-C9364d\-Gx2a_firmware, N9k\-X9432c\-S_firmware, N9k\-X9464px_firmware, N9k\-X9464tx2_firmware, N9k\-X9564px_firmware, N9k\-X9564tx_firmware, N9k\-X9636c\-R_firmware, N9k\-X9636c\-Rx_firmware, N9k\-X97160yc\-Ex_firmware, N9k\-X9732c\-Ex_firmware, N9k\-X9732c\-Fx_firmware, N9k\-X9736c\-Ex_firmware, N9k\-X9736c\-Fx_firmware, N9k\-X9788tc\-Fx_firmware, Nexus_92160yc\-X_firmware, Nexus_92300yc_firmware, Nexus_92304qc_firmware, Nexus_92348gc\-X_firmware, Nexus_9236c_firmware, Nexus_9272q_firmware, Nexus_93108tc\-Ex_firmware, Nexus_93108tc\-Fx3p_firmware, Nexus_93108tc\-Fx_firmware, Nexus_93120tx_firmware, Nexus_93180yc\-Ex_firmware, Nexus_93180yc\-Fx3_firmware, Nexus_93180yc\-Fx_firmware, Nexus_93216tc\-Fx2_firmware, Nexus_93240yc\-Fx2_firmware, Nexus_9332c_firmware, Nexus_93360yc\-Fx2_firmware, Nexus_9336c\-Fx2\-E_firmware, Nexus_9336c\-Fx2_firmware, Nexus_9348gc\-Fxp_firmware, Nexus_9364c\-Gx_firmware, Nexus_9364c_firmware, Nexus_9432pq_firmware, Nexus_9504_firmware, Nexus_9508_firmware, Nexus_9516_firmware, Nexus_9536pq_firmware, Nexus_9636pq_firmware, Nexus_9716d\-Gx_firmware, Nexus_9736pq_firmware, Nexus_9800_firmware, Nexus_x9636q\-R_firmware, Sf500\-18p_firmware, Sf500\-24_firmware, Sf500\-24p_firmware, Sf500\-48_firmware, Sf500\-48mp_firmware, Sf\-500\-24mp_firmware, Sg500\-28_firmware, Sg500\-28mpp_firmware, Sg500\-28p_firmware, Sg500\-52_firmware, Sg500\-52mp_firmware, Sg500\-52p_firmware, Sg500x\-24_firmware, Sg500x\-24mpp_firmware, Sg500x\-24p_firmware, Sg500x\-48_firmware, Sg500x\-48mpp_firmware, Sg500x\-48p_firmware, Ieee_802\.2, P802\.1q	4.7
2023-10-16	CVE-2023-20198	Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal...	Ios_xe, Allen\-Bradley_stratix_5200_firmware, Allen\-Bradley_stratix_5800_firmware	10.0
2024-03-27	CVE-2024-20259	A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandled when endpoint analytics are enabled. An attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to...	Ios_xe	8.6