Vulnerabilities > Cisco > IOS XE > 16.1.3

DATE CVE VULNERABILITY TITLE RISK
2016-11-19 CVE-2016-6450 Improper Input Validation vulnerability in Cisco IOS XE
A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system.
local
cisco CWE-20
1.9
1.9
2016-10-05 CVE-2016-6379 Improper Input Validation vulnerability in Cisco IOS and IOS XE
Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.
network
low complexity
cisco CWE-20
7.8
7.8
2016-10-05 CVE-2016-6378 Resource Management Errors vulnerability in Cisco IOS XE
Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853.
network
low complexity
cisco CWE-399
7.8
7.8
2016-05-29 CVE-2016-1409 Improper Input Validation vulnerability in Cisco IOS
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.
network
low complexity
cisco CWE-20
5.0
5.0