Cisco

Ios Xe

554 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-20278

  • EPSS 0.13%
  • Published 27.03.2024 17:15:51
  • Last modified 01.08.2025 15:22:56

A vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker...

7.4

CVE-2024-20303

  • EPSS 0.08%
  • Published 27.03.2024 17:15:51
  • Last modified 31.07.2025 16:56:36

A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to i...

8.6

CVE-2024-20259

  • EPSS 0.5%
  • Published 27.03.2024 17:15:50
  • Last modified 30.04.2025 15:19:23

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due t...

5.3

CVE-2023-20246

  • EPSS 0.07%
  • Published 01.11.2023 18:15:09
  • Last modified 21.11.2024 07:40:59

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that...

7.2

CVE-2023-20273

Warning
  • EPSS 92.04%
  • Published 25.10.2023 18:17:23
  • Last modified 02.04.2025 18:19:40

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vu...

10

CVE-2023-20198

Warning Media report
  • EPSS 94.1%
  • Published 16.10.2023 16:15:10
  • Last modified 15.05.2025 18:37:33

Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that th...

7.5

CVE-2023-44487

Warning Media report Exploit
  • EPSS 94.44%
  • Published 10.10.2023 14:15:10
  • Last modified 11.06.2025 17:29:54

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

8.8

CVE-2023-20235

  • EPSS 0.18%
  • Published 04.10.2023 17:15:09
  • Last modified 21.11.2024 07:40:57

A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the roo...

9.1

CVE-2023-20186

  • EPSS 0.11%
  • Published 27.09.2023 18:15:11
  • Last modified 21.11.2024 07:40:46

A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system...

7.5

CVE-2023-20187

  • EPSS 0.38%
  • Published 27.09.2023 18:15:11
  • Last modified 21.11.2024 07:40:46

A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting...