Cisco

Ios Xe

554 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-0598

  • EPSS 0.36%
  • Published 06.03.2015 03:00:11
  • Last modified 12.04.2025 10:46:40

The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted IPv6 Attributes in Access-Accept packets, aka Bug IDs CSCur84322 and CSCur27693.

5.7

CVE-2015-0632

  • EPSS 0.18%
  • Published 27.02.2015 02:59:33
  • Last modified 12.04.2025 10:46:40

Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770.

6.8

CVE-2014-7990

  • EPSS 0.08%
  • Published 07.11.2014 11:55:03
  • Last modified 12.04.2025 10:46:40

Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID...

6.1

CVE-2014-3409

  • EPSS 1.49%
  • Published 25.10.2014 10:55:05
  • Last modified 12.04.2025 10:46:40

The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq9340...

5

CVE-2014-3403

  • EPSS 0.13%
  • Published 10.10.2014 01:55:09
  • Last modified 12.04.2025 10:46:40

The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647.

4.3

CVE-2014-3404

  • EPSS 0.13%
  • Published 10.10.2014 01:55:09
  • Last modified 12.04.2025 10:46:40

The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677.

4.8

CVE-2014-3405

  • EPSS 0.2%
  • Published 10.10.2014 01:55:09
  • Last modified 12.04.2025 10:46:40

Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct route-inje...

7.8

CVE-2014-3354

  • EPSS 2.9%
  • Published 25.09.2014 10:55:08
  • Last modified 12.04.2025 10:46:40

Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a deni...

7.8

CVE-2014-3355

  • EPSS 1.09%
  • Published 25.09.2014 10:55:08
  • Last modified 12.04.2025 10:46:40

The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malfo...

7.8

CVE-2014-3356

  • EPSS 1.91%
  • Published 25.09.2014 10:55:08
  • Last modified 12.04.2025 10:46:40

The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malfo...