Vulnerabilities > Cisco > IOS XE > 16.6.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-06 | CVE-2020-3444 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. | 5.0 |
| 2020-09-24 | CVE-2020-3516 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. | 4.0 |
| 2020-09-24 | CVE-2020-3425 | Unspecified vulnerability in Cisco IOS XE Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. | 8.8 |
| 2020-06-03 | CVE-2020-3229 | Incorrect Authorization vulnerability in Cisco IOS XE A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. | 9.0 |
| 2020-06-03 | CVE-2020-3225 | Improper Input Validation vulnerability in Cisco IOS Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.8 |
| 2020-02-19 | CVE-2019-1950 | Insecure Default Initialization of Resource vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. | 8.4 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |