Vulnerabilities > Cisco > IOS XE > 15.3.3.s3.16

DATE CVE VULNERABILITY TITLE RISK
2019-05-13 CVE-2019-1649 Improper Locking vulnerability in Cisco products
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component.
local
low complexity
cisco CWE-667
6.7
6.7
2018-10-05 CVE-2018-0481 OS Command Injection vulnerability in Cisco IOS XE 15.3(3)S3.16/16.7.1/16.7(1)
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges.
local
low complexity
cisco CWE-78
7.2
7.2
2018-10-05 CVE-2018-0477 OS Command Injection vulnerability in Cisco IOS XE 15.3(3)S3.16/16.7.1/16.7(1)
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges.
local
low complexity
cisco CWE-78
7.2
7.2