Vulnerabilities > Cisco > IOS XE > 16.12.5b

DATE CVE VULNERABILITY TITLE RISK
2021-01-13 CVE-2021-1224 Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.
network
low complexity
cisco snort
5.3
5.3
2021-01-13 CVE-2021-1223 Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.
network
low complexity
cisco snort
7.5
7.5
2020-09-23 CVE-2019-16009 Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS
A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
network
low complexity
cisco CWE-352
8.8
8.8
2020-04-29 CVE-2019-16011 Improper Input Validation vulnerability in Cisco IOS XE
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.
local
low complexity
cisco CWE-20
7.8
7.8
2019-09-25 CVE-2019-12660 Exposure of Resource to Wrong Sphere vulnerability in Cisco IOS XE
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device.
local
low complexity
cisco CWE-668
5.5
5.5