Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ios_xe
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 519 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-11-07 | CVE-2014-7990 | Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815. | Air\-Ct5760, Ios_xe, Ws\-C3850, Ws\-C3860 | N/A | ||
| 2014-10-25 | CVE-2014-3409 | The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406. | Ios, Ios_xe | N/A | ||
| 2014-10-09 | CVE-2014-3405 | Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on an ANI interface, aka Bug ID CSCuq22673. | Ios_xe | N/A | ||
| 2014-10-09 | CVE-2014-3404 | The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677. | Ios_xe | N/A | ||
| 2014-10-09 | CVE-2014-3403 | The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647. | Ios_xe | N/A | ||
| 2014-09-25 | CVE-2014-3360 | Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586. | Ios, Ios_xe | N/A | ||
| 2014-09-25 | CVE-2014-3359 | Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka Bug ID CSCum90081. | Ios, Ios_xe | N/A | ||
| 2014-09-25 | CVE-2014-3358 | Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. | Ios, Ios_xe | N/A | ||
| 2014-09-25 | CVE-2014-3357 | Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. | Ios, Ios_xe | N/A | ||
| 2014-09-25 | CVE-2014-3356 | The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753. | Ios_xe | N/A |