CVSS: 6.8EPSS: 0%CPEs: 1040EXPL: 0CVE-2023-20109 – Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2023-20109
27 Sep 2023 — A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker could exploit this vu... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-getvpn-rce-g8qR68sx • CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 136EXPL: 0CVE-2023-20227
https://notcve.org/view.php?id=CVE-2023-20227
27 Sep 2023 — A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packets to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only tra... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-l2tp-dos-eB5tuFmV • CWE-388: 7PK - Errors •
CVSS: 8.6EPSS: 0%CPEs: 208EXPL: 0CVE-2023-20187
https://notcve.org/view.php?id=CVE-2023-20187
27 Sep 2023 — A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect handling of certain IPv6 multicast packets when they are fanned out more than seven times on an affected device. An attacker could exploit this vulnerability by sending a specific IP... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mlre-H93FswRz • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 9.0EPSS: 0%CPEs: 140EXPL: 0CVE-2023-20231
https://notcve.org/view.php?id=CVE-2023-20231
27 Sep 2023 — A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges. Note: This vulnerability is exploitable only if the attacker obtains the creden... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAy • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.7EPSS: 0%CPEs: 1446EXPL: 0CVE-2022-20920 – Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20920
10 Oct 2022 — A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload. Una vulnerabilidad en la impl... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-excpt-dos-FzOBQTnk • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.2EPSS: 0%CPEs: 29EXPL: 0CVE-2022-20676 – Cisco IOS XE Software Tool Command Language Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-20676
15 Apr 2022 — A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation of data that is passed into the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root. By default, Tcl shell acce... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-grbtubU • CWE-20: Improper Input Validation CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-12665 – Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-12665
25 Sep 2019 — A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new requests to existing, persistent HTTP connections. An attacker could exploit this vulnerability by acting as a man-in-the-middle and then reading and/or modifying data that should normally have been sent through an... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-http-client • CWE-399: Resource Management Errors •
CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0CVE-2018-15377 – Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability
https://notcve.org/view.php?id=CVE-2018-15377
05 Oct 2018 — A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by sending invalid data to the Cisco Network Plug and Play agent on an affected device. A successful exploit could allow the atta... • https://ics-cert.us-cert.gov/advisories/ICSA-19-094-02 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.6EPSS: 9%CPEs: 24EXPL: 0CVE-2018-0173 – Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2018-0173
28 Mar 2018 — A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker ... • http://www.securityfocus.com/bid/103545 • CWE-20: Improper Input Validation •