Skip to main content

iOS

574 CVEs product

Monthly

CVE-2021-34703 MEDIUM This Month

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service iOS Ios Xe
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-34699 HIGH This Week

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service iOS Ios Xe
NVD
CVSS 3.1
7.7
EPSS
1.1%
CVE-2021-1620 HIGH PATCH This Week

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Microsoft Denial Of Service iOS +1
NVD
CVSS 3.1
7.7
EPSS
1.0%
CVE-2021-1460 HIGH This Week

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service iOS Cgr1000 Firmware Ic3000 Industrial Compute Gateway Firmware
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-1392 HIGH This Week

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Information Disclosure iOS Ios Xe
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1391 MEDIUM This Month

A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Authentication Bypass iOS Ios Xe
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-1385 MEDIUM POC This Month

A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Path Traversal iOS Ios Xe
NVD GitHub
CVSS 3.1
6.5
EPSS
2.7%
CVE-2021-1377 MEDIUM This Month

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service iOS Ios Xe
NVD
CVSS 3.1
5.8
EPSS
1.4%
CVE-2020-3479 HIGH This Week

A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-3477 MEDIUM This Month

A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Apple iOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-3476 MEDIUM This Month

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Apple Cisco Information Disclosure iOS
NVD
CVSS 3.1
6.0
EPSS
0.3%
CVE-2020-3475 HIGH This Week

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2020-3426 CRITICAL Act Now

A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Apple Cisco Information Disclosure +1
NVD
CVSS 3.1
9.1
EPSS
2.2%
CVE-2020-3409 HIGH This Week

A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2020-3408 HIGH This Week

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
1.6%
CVE-2020-3258 CRITICAL PATCH Act Now

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE Apple iOS
NVD
CVSS 3.1
9.8
EPSS
4.6%
CVE-2020-3257 HIGH PATCH This Week

Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000). Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity.

Cisco RCE Denial Of Service Apple iOS
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2020-3235 HIGH PATCH This Week

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Cisco Denial Of Service Apple iOS Ios Xe +1
NVD
CVSS 3.1
7.7
EPSS
1.6%
CVE-2020-3234 HIGH PATCH This Week

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Cisco Authentication Bypass Apple iOS
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-3231 MEDIUM PATCH This Month

A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required, low attack complexity.

Cisco Authentication Bypass iOS
NVD
CVSS 3.1
4.7
EPSS
0.5%
CVE-2020-3230 HIGH This Week

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Microsoft Apple iOS +1
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-3228 HIGH PATCH This Week

A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Denial Of Service Microsoft Apple iOS +2
NVD
CVSS 3.1
8.6
EPSS
1.8%
CVE-2020-3226 HIGH This Week

A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
1.6%
CVE-2020-3225 HIGH PATCH This Week

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
2.1%
CVE-2020-3217 HIGH PATCH This Week

A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Cisco RCE Denial Of Service Apple iOS +3
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2020-3210 MEDIUM PATCH This Month

A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Cisco Command Injection Apple iOS
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-3208 MEDIUM PATCH This Month

A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Cisco Privilege Escalation Apple iOS
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-3205 HIGH PATCH This Week

A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Cisco Apple iOS
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-3204 MEDIUM PATCH This Month

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Cisco RCE Apple iOS +1
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-3201 MEDIUM PATCH This Month

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
6.0
EPSS
0.3%
CVE-2020-3200 HIGH PATCH This Week

A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
7.7
EPSS
1.7%
CVE-2020-3199 HIGH This Week

Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000). Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Denial Of Service Apple iOS
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-3198 CRITICAL PATCH Act Now

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE Apple iOS
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2020-3315 MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense Secure Firewall Management Center iOS
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-12672 MEDIUM This Month

A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker with physical access to an affected device to execute arbitrary code on the underlying. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Apple RCE iOS
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2019-12670 MEDIUM This Month

A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple iOS
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-12669 HIGH This Week

A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software, could allow an unauthenticated, remote attacker to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Apple iOS
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-12668 MEDIUM This Month

A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
4.8
EPSS
0.8%
CVE-2019-12665 HIGH This Week

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Apple Information Disclosure iOS
NVD
CVSS 3.1
7.4
EPSS
1.1%
CVE-2019-12656 HIGH This Week

A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco iOS Industrial Ethernet 2000 Series Firmware Ic3000 Firmware +3
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-12655 HIGH This Week

A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Apple iOS
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2019-12652 HIGH This Week

A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Apple iOS
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2019-12651 HIGH This Week

Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Command Injection iOS Cloud Services Router 1000V Firmware +1
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2019-12650 HIGH This Week

Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Command Injection iOS Ios Xe
NVD
CVSS 3.1
8.8
EPSS
28.9%
CVE-2019-12649 MEDIUM This Month

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Apple Information Disclosure Ios Xe +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-12648 HIGH This Week

A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple iOS
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2019-1649 MEDIUM This Month

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Asa 5500 Firmware Firepower 2100 Firmware Firepower 4000 Firmware +24
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2019-1762 MEDIUM PATCH This Month

A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Cisco Apple Information Disclosure iOS Ios Xe
NVD
CVSS 3.0
4.4
EPSS
0.2%
CVE-2019-1761 MEDIUM PATCH This Month

A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Cisco Apple Information Disclosure iOS Ios Xe
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2019-1758 MEDIUM PATCH This Month

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Cisco Apple iOS
NVD
CVSS 3.0
4.3
EPSS
0.6%
CVE-2019-1757 MEDIUM This Month

A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Apple Information Disclosure iOS Ios Xe
NVD
CVSS 3.1
5.9
EPSS
1.1%
CVE-2019-1756 HIGH PATCH This Week

A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure iOS Ios Xe
NVD
CVSS 3.0
7.2
EPSS
3.8%
CVE-2019-1752 HIGH PATCH This Week

A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-1751 HIGH PATCH This Week

A vulnerability in the Network Address Translation 64 (NAT64) functions of Cisco IOS Software could allow an unauthenticated, remote attacker to cause either an interface queue wedge or a device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2019-1748 HIGH PATCH This Week

A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Cisco Apple Information Disclosure iOS +1
NVD
CVSS 3.1
7.4
EPSS
1.2%
CVE-2019-1747 HIGH PATCH This Week

A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
2.4%
CVE-2019-1746 MEDIUM PATCH This Month

A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-1740 HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple Ios Xe iOS
NVD
CVSS 3.1
8.6
EPSS
2.2%
CVE-2019-1739 HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-1738 HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-1737 HIGH PATCH This Week

A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Cisco Apple Ios Xe iOS
NVD
CVSS 3.1
8.6
EPSS
2.6%
CVE-2018-15377 HIGH This Week

A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
8.6
EPSS
1.6%
CVE-2018-15376 MEDIUM This Month

A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Apple iOS
NVD
CVSS 3.0
6.7
EPSS
0.3%
CVE-2018-15375 MEDIUM This Month

A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Apple iOS
NVD
CVSS 3.0
6.7
EPSS
0.3%
CVE-2018-15373 HIGH This Week

A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.0
7.4
EPSS
0.7%
CVE-2018-15369 MEDIUM This Month

A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.0
6.8
EPSS
2.1%
CVE-2018-0485 HIGH This Week

A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco iOS Ios Xe
NVD
CVSS 3.0
8.6
EPSS
4.1%
CVE-2018-0475 HIGH This Week

A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS). Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.0
7.4
EPSS
0.9%
CVE-2018-0473 HIGH This Week

A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.0
8.6
EPSS
3.5%
CVE-2018-0466 MEDIUM This Month

A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2018-0197 MEDIUM This Month

A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2018-0131 MEDIUM This Month

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Microsoft Information Disclosure Apple iOS +1
NVD
CVSS 3.0
5.9
EPSS
1.7%
CVE-2018-0255 HIGH This Week

A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Apple iOS
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2018-0180 MEDIUM KEV THREAT This Month

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
5.9
EPSS
5.0%
CVE-2018-0179 MEDIUM KEV THREAT This Month

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
5.9
EPSS
5.0%
CVE-2018-0175 HIGH KEV THREAT This Week

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Denial Of Service Apple +3
NVD
CVSS 3.1
8.0
EPSS
3.5%
CVE-2018-0174 HIGH KEV THREAT This Week

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
7.8%
CVE-2018-0173 HIGH KEV THREAT This Week

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
7.8%
CVE-2018-0172 HIGH KEV THREAT This Week

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
8.0%
CVE-2018-0169 HIGH This Week

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Apple iOS
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-0167 HIGH KEV THREAT This Week

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated,. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Denial Of Service Apple +3
NVD
CVSS 3.1
8.8
EPSS
3.4%
CVE-2018-0163 MEDIUM This Month

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple iOS
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2018-0161 MEDIUM KEV THREAT This Month

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
6.3
EPSS
4.7%
CVE-2018-0159 HIGH KEV THREAT This Week

A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Microsoft Denial Of Service Apple iOS +1
NVD
CVSS 3.1
7.5
EPSS
7.0%
CVE-2018-0158 HIGH KEV THREAT This Week

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Microsoft Denial Of Service Apple iOS +1
NVD
CVSS 3.1
8.6
EPSS
7.3%
CVE-2018-0156 HIGH KEV THREAT This Week

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
7.5
EPSS
8.3%
CVE-2018-0155 HIGH KEV THREAT This Week

A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
7.9%
CVE-2018-0154 HIGH KEV THREAT This Week

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
7.5
EPSS
7.2%
CVE-2018-0123 MEDIUM This Month

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Apple iOS Ios Xe
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-12304 MEDIUM This Month

A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Cisco iOS
NVD
CVSS 3.0
6.1
EPSS
0.2%
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service +2
NVD
EPSS 1% CVSS 7.7
HIGH This Week

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service +2
NVD
EPSS 1% CVSS 7.7
HIGH PATCH This Week

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Microsoft +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service iOS +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Information Disclosure +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Authentication Bypass +2
NVD
EPSS 3% CVSS 6.5
MEDIUM POC This Month

A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Path Traversal iOS +1
NVD GitHub
EPSS 1% CVSS 5.8
MEDIUM This Month

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Apple +1
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Apple Cisco +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Denial Of Service +2
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Apple +3
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 2% CVSS 8.6
HIGH This Week

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE +2
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000). Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity.

Cisco RCE Denial Of Service +2
NVD
EPSS 2% CVSS 7.7
HIGH PATCH This Week

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Cisco Denial Of Service Apple +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Cisco Authentication Bypass Apple +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required, low attack complexity.

Cisco Authentication Bypass iOS
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Microsoft +3
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Denial Of Service Microsoft +4
NVD
EPSS 2% CVSS 8.6
HIGH This Week

A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Denial Of Service Apple +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Cisco RCE Denial Of Service +5
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Cisco Command Injection Apple +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Cisco Privilege Escalation Apple +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Cisco Apple +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Cisco RCE +3
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Cisco Denial Of Service Apple +2
NVD
EPSS 2% CVSS 7.7
HIGH PATCH This Week

A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Cisco Denial Of Service Apple +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000). Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Denial Of Service +2
NVD
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE +2
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense +2
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker with physical access to an affected device to execute arbitrary code on the underlying. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Apple RCE +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software, could allow an unauthenticated, remote attacker to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Apple +1
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Apple +2
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Apple Information Disclosure +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco iOS +5
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Apple +1
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Apple +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Command Injection +3
NVD
EPSS 29% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Command Injection +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Apple +3
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple +1
NVD
EPSS 1% CVSS 6.7
MEDIUM This Month

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Asa 5500 Firmware +26
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Cisco Apple Information Disclosure +2
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Cisco Apple Information Disclosure +2
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Cisco Apple +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Apple Information Disclosure +2
NVD
EPSS 4% CVSS 7.2
HIGH PATCH This Week

A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the Network Address Translation 64 (NAT64) functions of Cisco IOS Software could allow an unauthenticated, remote attacker to cause either an interface queue wedge or a device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +1
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Cisco Apple +3
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 3% CVSS 8.6
HIGH PATCH This Week

A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Cisco Apple +2
NVD
EPSS 2% CVSS 8.6
HIGH This Week

A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Apple +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Apple +1
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 4% CVSS 8.6
HIGH This Week

A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco iOS +1
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS). Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 4% CVSS 8.6
HIGH This Week

A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 2% CVSS 5.9
MEDIUM This Month

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Microsoft Information Disclosure +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Apple +1
NVD
EPSS 5% CVSS 5.9
MEDIUM KEV THREAT This Month

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 5% CVSS 5.9
MEDIUM KEV THREAT This Month

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 4% CVSS 8.0
HIGH KEV THREAT This Week

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco +5
NVD
EPSS 8% CVSS 8.6
HIGH KEV THREAT This Week

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 8% CVSS 8.6
HIGH KEV THREAT This Week

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 8% CVSS 8.6
HIGH KEV THREAT This Week

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Apple +1
NVD
EPSS 3% CVSS 8.8
HIGH KEV THREAT This Week

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated,. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco +5
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple +1
NVD
EPSS 5% CVSS 6.3
MEDIUM KEV THREAT This Month

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 7% CVSS 7.5
HIGH KEV THREAT This Week

A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Microsoft Denial Of Service +3
NVD
EPSS 7% CVSS 8.6
HIGH KEV THREAT This Week

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Microsoft Denial Of Service +3
NVD
EPSS 8% CVSS 7.5
HIGH KEV THREAT This Week

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
EPSS 8% CVSS 8.6
HIGH KEV THREAT This Week

A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco iOS +1
NVD
EPSS 7% CVSS 7.5
HIGH KEV THREAT This Week

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Apple +2
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Cisco +1
NVD
Prev Page 4 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy