Vulnerabilities > Cisco > IOS XE > 15.8.3.m3

DATE CVE VULNERABILITY TITLE RISK
2020-09-24 CVE-2020-3407 NULL Pointer Dereference vulnerability in Cisco IOS XE 15.8(3)M3
A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload.
network
low complexity
cisco CWE-476
8.6
8.6
2020-02-19 CVE-2019-1950 Insecure Default Initialization of Resource vulnerability in Cisco IOS XE
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device.
local
low complexity
cisco CWE-1188
8.4
8.4
2019-05-13 CVE-2019-1649 Improper Locking vulnerability in Cisco products
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component.
local
low complexity
cisco CWE-667
6.7
6.7