Vulnerabilities > Cisco > IOS XE > 16.2

DATE CVE VULNERABILITY TITLE RISK
2017-03-22 CVE-2017-3858 Improper Input Validation vulnerability in Cisco IOS XE 16.2/16.2.1
A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges.
network
low complexity
cisco CWE-20
8.8
8.8
2016-10-05 CVE-2016-6393 Resource Management Errors vulnerability in Cisco IOS XE
The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667.
network
low complexity
cisco CWE-399
7.5
7.5
2016-10-05 CVE-2016-6384 Improper Input Validation vulnerability in Cisco IOS and IOS XE
Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257.
network
low complexity
cisco CWE-20
7.5
7.5