Vulnerabilities > Cisco > IOS XE > 16.3.5

DATE CVE VULNERABILITY TITLE RISK
2018-03-28 CVE-2018-0184 OS Command Injection vulnerability in Cisco IOS XE
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device.
local
low complexity
cisco CWE-78
6.7
6.7
2018-03-28 CVE-2018-0183 OS Command Injection vulnerability in Cisco IOS XE
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device.
local
low complexity
cisco CWE-78
6.7
6.7
2017-09-29 CVE-2017-12237 Unspecified vulnerability in Cisco IOS
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition.
network
low complexity
cisco
7.5
7.5