Vulnerabilities > Cisco > IOS XE > 16.7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-3200 | Interpretation Conflict vulnerability in Cisco IOS and IOS XE A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. | 7.7 |
| 2020-02-19 | CVE-2019-1950 | Insecure Default Initialization of Resource vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. | 8.4 |
| 2019-09-25 | CVE-2019-12668 | Cross-site Scripting vulnerability in Cisco IOS and IOS XE A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. | 4.8 |
| 2019-09-25 | CVE-2019-12667 | Cross-site Scripting vulnerability in Cisco IOS XE A vulnerability in the web framework code of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software. | 4.8 |
| 2019-09-25 | CVE-2019-12666 | Path Traversal vulnerability in Cisco IOS XE A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. | 6.7 |
| 2019-09-25 | CVE-2019-12660 | Exposure of Resource to Wrong Sphere vulnerability in Cisco IOS XE A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. | 5.5 |
| 2019-09-25 | CVE-2019-12646 | Improper Initialization vulnerability in Cisco IOS XE A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-03-28 | CVE-2019-1762 | Information Exposure vulnerability in Cisco IOS and IOS XE A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. | 4.4 |
| 2019-03-28 | CVE-2019-1761 | Improper Initialization vulnerability in Cisco IOS and IOS XE A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. | 4.3 |