Latest cisco ios xe Vulnerabilities

CVE-2024-20313
A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a den...
Cisco IOS XE=17.5.1
Cisco IOS XE=17.5.1a
Cisco IOS XE=17.6.1
Cisco IOS XE=17.6.1a
Cisco IOS XE=17.6.1w
Cisco IOS XE=17.6.1x
and 32 more
CVE-2023-20246
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. ...
Snort Snort>=3.0.0<3.1.57.0
Cisco Firepower Threat Defense>=7.0.0<=7.3.1.1
Cisco IOS XE>=17.12<17.12.2
CVE-2023-20273
Cisco IOS XE Web UI Command Injection Vulnerability
Cisco Cisco IOS XE Web UI
Cisco IOS XE>=17.3<17.3.8a
Cisco IOS XE>=17.6<17.6.6a
Cisco IOS XE>=17.9<17.9.4a
Cisco IOS XE>=16.12<16.12.10a
Cisco Catalyst 3650
and 122 more
CVE-2023-20198
Cisco IOS XE Web UI Privilege Escalation Vulnerability
Cisco IOS XE>=16.12<16.12.10a
Cisco IOS XE>=17.3<17.3.8a
Cisco IOS XE>=17.6<17.6.6a
Cisco IOS XE>=17.9<17.9.4a
CVE-2023-44487
- Rapid Reset HTTP/2 vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2022
Microsoft Windows Server 2022
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
and 556 more
CVE-2023-20235
A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to...
Cisco IOS XE<17.3.1
Cisco Catalyst Ie3200 Rugged Switch
Cisco Catalyst Ie3300 Rugged Switch
Cisco Catalyst Ie3400 Rugged Switch
Cisco Catalyst Ir1101
Cisco Catalyst Ir1821-k9
and 34 more
CVE-2023-20202
A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS)...
Cisco IOS XE=17.9.1
Cisco IOS XE=17.9.1a
Cisco IOS XE=17.9.1w
Cisco IOS XE=17.9.1x
Cisco IOS XE=17.9.1x1
Cisco IOS XE=17.9.1y
and 64 more
CVE-2023-20109
Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
Cisco IOS=12.4\(22\)md
Cisco IOS=12.4\(22\)md1
Cisco IOS=12.4\(22\)md2
Cisco IOS=12.4\(22\)mda
Cisco IOS=12.4\(22\)mda1
Cisco IOS=12.4\(22\)mda2
and 1035 more
CVE-2023-20186
A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command autho...
Cisco IOS=12.2\(58\)ex
Cisco IOS=12.2\(58\)ey
Cisco IOS=12.2\(58\)ey1
Cisco IOS=12.2\(58\)ey2
Cisco IOS=12.2\(58\)ez
Cisco IOS=12.2\(58\)se
and 990 more
CVE-2023-20227
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected de...
Cisco IOS XE=16.8.1
Cisco IOS XE=16.8.1a
Cisco IOS XE=16.8.1b
Cisco IOS XE=16.8.1c
Cisco IOS XE=16.8.1d
Cisco IOS XE=16.8.1e
and 266 more
CVE-2023-20226
A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to r...
Cisco IOS XE=17.7.1
Cisco IOS XE=17.7.1a
Cisco IOS XE=17.7.2
Cisco IOS XE=17.8.1
Cisco IOS XE=17.8.1a
Cisco IOS XE=17.9.1
and 70 more
CVE-2023-20033
A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, r...
Cisco IOS XE=16.3.1
Cisco IOS XE=16.3.1a
Cisco IOS XE=16.3.2
Cisco IOS XE=16.3.3
Cisco IOS XE=16.3.4
Cisco IOS XE=16.3.5
and 358 more
CVE-2023-20187
A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker...
Cisco IOS XE=3.7.1s
Cisco IOS XE=3.7.2s
Cisco IOS XE=3.7.2ts
Cisco IOS XE=3.7.3s
Cisco IOS XE=3.7.4s
Cisco IOS XE=3.7.5s
and 410 more
CVE-2023-20231
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insuffic...
Cisco IOS XE=16.12.4
Cisco IOS XE=16.12.4a
Cisco IOS XE=16.12.5
Cisco IOS XE=16.12.5a
Cisco IOS XE=16.12.5b
Cisco IOS XE=16.12.6
and 274 more
CVE-2023-20100
A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could ...
Cisco IOS XE=17.10.1
Cisco Catalyst 9800
Cisco Catalyst 9800-40
Cisco Catalyst 9800-40 Wireless Controller
Cisco Catalyst 9800-80
Cisco Catalyst 9800-80 Wireless Controller
and 5 more
CVE-2023-20097
A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to impro...
Cisco Wireless LAN Controller Software<8.10.183.0
Cisco Esw6300
Cisco Aironet Access Point Software<17.9.0.135
Cisco Aironet 1540
Cisco Aironet 1542d
Cisco Aironet 1542i
and 58 more
CVE-2023-20080
A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) cond...
Cisco IOS=12.2\(6\)i1
Cisco IOS=15.1\(2\)sg
Cisco IOS=15.1\(2\)sg1
Cisco IOS=15.1\(2\)sg2
Cisco IOS=15.1\(2\)sg3
Cisco IOS=15.1\(2\)sg4
and 846 more
CVE-2023-20072
A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting ...
Cisco IOS XE=17.9.1
Cisco IOS XE=17.9.1a
Cisco IOS XE=17.9.1w
CVE-2023-20066
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of...
Cisco IOS XE=16.12.3
Cisco IOS XE=17.3.2
Cisco IOS XE=17.6.2
Cisco 1000 Integrated Services Router
Cisco 1100-4g Integrated Services Router
Cisco 1100-4p Integrated Services Router
and 268 more
CVE-2023-20082
A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical acce...
Cisco IOS XE<17.3.7
Cisco IOS XE>=17.4<17.6.5
Cisco IOS XE=17.7
Cisco Catalyst 9300
Cisco Catalyst 9300-24p-a
Cisco Catalyst 9300-24p-e
and 40 more
CVE-2023-20067
A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (...
Cisco IOS XE=16.10.1
Cisco IOS XE=16.10.1e
Cisco IOS XE=16.10.1s
Cisco IOS XE=16.11.1
Cisco IOS XE=16.11.1a
Cisco IOS XE=16.11.1b
and 42 more
CVE-2023-20056
A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerab...
Cisco Wireless LAN Controller Software<8.10.183.0
Cisco Esw6300
Cisco Aironet Access Point Software<17.9.0.135
Cisco Aironet 1540
Cisco Aironet 1542d
Cisco Aironet 1542i
and 58 more
CVE-2023-20081
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Softwar...
Cisco Adaptive Security Appliance Software=9.8.1
Cisco Adaptive Security Appliance Software=9.8.1.5
Cisco Adaptive Security Appliance Software=9.8.1.7
Cisco Adaptive Security Appliance Software=9.8.2
Cisco Adaptive Security Appliance Software=9.8.2.8
Cisco Adaptive Security Appliance Software=9.8.2.14
and 615 more
CVE-2023-20027
A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (...
Cisco IOS XE=3.9.0as
Cisco IOS XE=3.9.1s
Cisco IOS XE=3.9.2s
Cisco IOS XE=3.10.0s
Cisco IOS XE=3.10.1s
Cisco IOS XE=3.10.2as
and 218 more
CVE-2023-20029
A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to...
Cisco IOS XE=17.7.1
Cisco IOS XE=17.8.1
Cisco Catalyst 9200
Cisco Catalyst 9200cx
Cisco Catalyst 9200l
Cisco Catalyst 9300
and 42 more
CVE-2023-20065
A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulne...
Cisco IOS XE=17.6.3
Cisco IOS XE=17.11.1
Cisco 1000 Integrated Services Router
Cisco 1100-4g Integrated Services Router
Cisco 1100-4p Integrated Services Router
Cisco 1100-6g Integrated Services Router
and 540 more
CVE-2023-20076
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulne...
Cisco IC3000 Industrial Compute Gateway<1.4.2
Cisco IOx
Cisco IOS XE<17.6.5
Cisco IOS XE>=17.9.0<17.9.2
Cisco IOS XE=17.10.0
Cisco Cgr1240 Firmware<1.16.0.1
and 41 more
CVE-2022-20944
A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned ...
Cisco IOS XE
Cisco Catalyst 9200
Cisco Catalyst 9200cx
Cisco Catalyst 9200l
Cisco Catalyst C9200-24p
Cisco Catalyst C9200-24t
and 14 more
CVE-2022-20915
A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of servi...
Cisco IOS XE
CVE-2022-20837
A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to c...
Cisco IOS XE
Cisco Asr 1000-esp100-x
Cisco Asr 1000-esp200-x
Cisco Catalyst 8500
Cisco Catalyst 8500-4qc
CVE-2022-20920
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due...
Cisco IOS
Cisco IOS XE
Cisco IOS=3.2.0se
Cisco IOS=3.2.1se
Cisco IOS=3.2.2se
Cisco IOS=3.2.3se
and 1441 more
CVE-2022-20919
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to...
Cisco IOS XE=17.9.1
Cisco 1000 Integrated Services Router
Cisco 1100-4g Integrated Services Router
Cisco 1100-4p Integrated Services Router
Cisco 1100-6g Integrated Services Router
Cisco 1100-8p Integrated Services Router
and 316 more
CVE-2022-20856
A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow...
Cisco IOS XE=17.3.4c
Cisco Catalyst 9800
Cisco Catalyst 9800-40
Cisco Catalyst 9800-80
Cisco Catalyst 9800-cl
Cisco Catalyst 9800-l
and 2 more
CVE-2022-20847
A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of serv...
Cisco IOS XE=17.3.3
Cisco Catalyst 9800
Cisco Catalyst 9800-40
Cisco Catalyst 9800-80
Cisco Catalyst 9800-cl
Cisco Catalyst 9800-l
and 2 more
CVE-2022-20848
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to ...
Cisco IOS XE=17.6.1
Cisco IOS XE=17.6.3
Cisco IOS XE=17.9.1
Cisco 1000 Integrated Services Router
Cisco 1100-4g\/6g Integrated Services Router
Cisco 1100-4g Integrated Services Router
and 358 more
CVE-2022-20855
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restri...
Cisco IOS XE=17.6.1
Cisco Catalyst 9105
Cisco Catalyst 9105axi
Cisco Catalyst 9105axw
Cisco Catalyst 9115
Cisco Catalyst 9115 Ap
and 24 more
CVE-2022-20851
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to ins...
Cisco IOS XE=17.6.1
Cisco 1000 Integrated Services Router
Cisco 1100-4g Integrated Services Router
Cisco 1100-4p Integrated Services Router
Cisco 1100-6g Integrated Services Router
Cisco 1100-8p Integrated Services Router
and 253 more
CVE-2022-20810
A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensi...
Cisco IOS XE
Cisco Catalyst 9800
Cisco Catalyst 9800-40
Cisco Catalyst 9800-40 Wireless Controller
Cisco Catalyst 9800-80
Cisco Catalyst 9800-80 Wireless Controller
and 5 more
CVE-2021-27853
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
Ieee Ieee 802.2<=802.2h-1997
Ietf P802.1q<=d1.0
Cisco Catalyst 6503-e Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6503-e
Cisco Catalyst 6504-e Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6504-e
and 306 more
CVE-2022-20721
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Ir510 Operating System
Cisco IOS XE
Cisco IOS XE=16.3.1
Cisco IOS XE=16.3.1a
Cisco IOS XE=16.3.2
Cisco IOS XE=16.3.3
and 138 more
CVE-2022-20724
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Cgr1000 Compute Module
Cisco IC3000 Industrial Compute Gateway
Cisco Ir510 Operating System
Cisco IOS
Cisco IOS=15.2\(5\)e1
Cisco IOS=15.2\(5\)e2c
and 425 more
CVE-2022-20725
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Cgr1000 Compute Module
Cisco IC3000 Industrial Compute Gateway
Cisco Ir510 Operating System
Cisco IOS=15.2\(5\)e1
Cisco IOS=15.2\(5\)e2c
Cisco IOS=15.2\(6\)e0a
and 272 more
CVE-2022-20727
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Cgr1000 Compute Module<1.15.0.1
Cisco IC3000 Industrial Compute Gateway<1.4.1
Cisco Ir510 Operating System<6.5.9
Cisco IOS=15.2\(5\)e1
Cisco IOS=15.2\(6\)e0a
Cisco IOS=15.2\(6\)e1
and 213 more
CVE-2022-20719
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Ir510 Operating System
Cisco IOS XE
Cisco IOS XE=16.3.1
Cisco IOS XE=16.3.1a
Cisco IOS XE=16.3.2
Cisco IOS XE=16.3.3
and 138 more
CVE-2022-20723
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Ir510 Operating System
Cisco IOS XE
Cisco IOS XE=16.3.1
Cisco IOS XE=16.3.1a
Cisco IOS XE=16.3.2
Cisco IOS XE=16.3.3
and 138 more
CVE-2022-20718
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Ir510 Operating System
Cisco IOS XE
Cisco IOS XE=16.3.1
Cisco IOS XE=16.3.1a
Cisco IOS XE=16.3.2
Cisco IOS XE=16.3.3
and 135 more
CVE-2022-20722
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Ir510 Operating System
Cisco IOS XE
Cisco IOS XE=16.3.1
Cisco IOS XE=16.3.1a
Cisco IOS XE=16.3.2
Cisco IOS XE=16.3.3
and 138 more
CVE-2022-20720
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex...
Cisco Ir510 Operating System
Cisco IOS XE
Cisco IOS XE=16.3.1
Cisco IOS XE=16.3.1a
Cisco IOS XE=16.3.2
Cisco IOS XE=16.3.3
and 280 more
CVE-2022-20683
A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker...
Cisco IOS XE=3.15.1xbs
Cisco IOS XE=3.15.2xbs
Cisco IOS XE=16.7.2
Cisco IOS XE=16.7.3
Cisco IOS XE=16.7.4
Cisco IOS XE=16.8.1
and 95 more
CVE-2022-20681
A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate ...
Cisco IOS XE
Cisco IOS XE=16.11.1
Cisco IOS XE=16.11.1a
Cisco IOS XE=16.11.1b
Cisco IOS XE=16.11.1c
Cisco IOS XE=16.11.1s
and 62 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203