Vulnerabilities > Cisco > IOS XE > 16.12.1

DATE CVE VULNERABILITY TITLE RISK
2019-09-25 CVE-2019-12663 Improper Input Validation vulnerability in Cisco IOS XE 16.12.1/16.6.4
A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
7.8
7.8
2019-09-25 CVE-2019-12660 Improper Input Validation vulnerability in Cisco IOS XE
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device.
local
low complexity
cisco CWE-20
4.9
4.9
2019-09-25 CVE-2019-12646 Improper Initialization vulnerability in Cisco IOS XE
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco CWE-665
7.5
7.5
2019-03-28 CVE-2019-1746 Improper Input Validation vulnerability in Cisco IOS
A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device.
low complexity
cisco CWE-20
6.1
6.1