Vulnerabilities > Cisco > IOS XE > 16.12.1x
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-24 | CVE-2020-3425 | Unspecified vulnerability in Cisco IOS XE Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. | 8.8 |
2020-09-24 | CVE-2020-3417 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. | 6.7 |
2020-06-03 | CVE-2020-3219 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. | 9.0 |
2020-06-03 | CVE-2020-3214 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. | 6.7 |