The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Cisco IOS-XE

Cisco IOS XE: Cross Site Request Forgery via Web UI
An attacker can trigger a Cross Site Request Forgery via Web UI of Cisco IOS XE, in order to force the victim to perform operations...
CERTFR-2019-AVI-270, cisco-sa-20190612-iosxe-csrf, CSCuy98103, CVE-2019-1904, VIGILANCE-VUL-29526
Cisco: overwrite of the firmware image
A local authenticated attacker can replace the firmware image of Cisco devices, in order to get full control of the device...
cisco-sa-20190513-secureboot, CVE-2019-1649, VIGILANCE-VUL-29281, VU#400865
Cisco IOS XE: shell command execution via Web UI
An attacker can use a vulnerability via the Web UI of Cisco IOS XE, in order to run code...
CERTFR-2019-AVI-205, cisco-sa-20190513-webui, CVE-2019-1862, VIGILANCE-VUL-29280, VU#400865
Cisco IOS, IOS XE: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco IOS and IOS XE...
cisco-sa-20190327-afu, cisco-sa-20190327-c6500, cisco-sa-20190327-call-home-cert, cisco-sa-20190327-cmp-dos, cisco-sa-20190327-eta-dos, cisco-sa-20190327-evss, cisco-sa-20190327-info, cisco-sa-20190327-ios-infoleak, cisco-sa-20190327-iosxe-cmdinj, cisco-sa-20190327-iosxe-cmdinject, cisco-sa-20190327-iosxe-pe, cisco-sa-20190327-iosxe-privesc, cisco-sa-20190327-ipsla-dos, cisco-sa-20190327-isdn, cisco-sa-20190327-mgmtacl, cisco-sa-20190327-nat64, cisco-sa-20190327-pfrv3, cisco-sa-20190327-pnp-cert, cisco-sa-20190327-rsp3-ospf, cisco-sa-20190327-sms-dos, cisco-sa-20190327-xecmd, cisco-sa-20190327-xeid, CVE-2019-1737, CVE-2019-1738, CVE-2019-1739, CVE-2019-1740, CVE-2019-1741, CVE-2019-1742, CVE-2019-1743, CVE-2019-1745, CVE-2019-1746, CVE-2019-1747, CVE-2019-1748, CVE-2019-1749, CVE-2019-1750, CVE-2019-1751, CVE-2019-1752, CVE-2019-1753, CVE-2019-1754, CVE-2019-1755, CVE-2019-1756, CVE-2019-1757, CVE-2019-1758, CVE-2019-1759, CVE-2019-1760, CVE-2019-1761, CVE-2019-1762, VIGILANCE-VUL-28888
Cisco IOS, IOS XE: denial of service via TCP HTTP Server
An attacker can trigger a fatal error via TCP HTTP Server of Cisco IOS or IOS XE, in order to trigger a denial of service...
cisco-sa-20190109-tcp, CSCvg39082, CVE-2018-0282, VIGILANCE-VUL-28209
Cisco IOS, IOS XE: access via SSH VRF
An attacker can bypass restrictions to open a SSH connection via VRF of Cisco IOS or IOS XE, in order to try to authenticate...
cisco-sa-20190109-ios-ssh-vrf, CSCvk37852, CVE-2018-0484, VIGILANCE-VUL-28205
Cisco IOS XE: use after free via Web UI
An attacker can force the usage of a freed memory area via Web UI of Cisco IOS XE, in order to trigger a denial of service, and possibly to run code...
CERTFR-2018-AVI-458, cisco-sa-20180926-webuidos, CSCva31961, CVE-2018-0469, VIGILANCE-VUL-27346
Cisco IOS XE: buffer overflow via HTTP
An attacker can generate a buffer overflow via HTTP of Cisco IOS XE, in order to trigger a denial of service, and possibly to run code...
CERTFR-2018-AVI-458, cisco-sa-20180926-webdos, CSCvb22618, CVE-2018-0470, VIGILANCE-VUL-27345
Cisco IOS, IOS XE: denial of service via VLAN Trunking Protocol
An attacker can generate a fatal error via VLAN Trunking Protocol of Cisco IOS and IOS XE, in order to trigger a denial of service...
CERTFR-2018-AVI-458, cisco-sa-20180926-vtp, CSCvd37163, CVE-2018-0197, VIGILANCE-VUL-27344
Cisco IOS, IOS XE: denial of service via TACACS
An attacker can generate a fatal error via TACACS of Cisco IOS and IOS XE, in order to trigger a denial of service...
CERTFR-2018-AVI-458, cisco-sa-20180926-tacplus, CSCux66796, CVE-2018-15369, VIGILANCE-VUL-27343
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco IOS-XE: