Vulnerabilities > Cisco > IOS XE > 17.3.1w

DATE CVE VULNERABILITY TITLE RISK
2021-01-13 CVE-2021-1236 Always-Incorrect Control Flow Implementation vulnerability in multiple products
Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system.
network
low complexity
cisco snort CWE-670
5.3
5.3
2021-01-13 CVE-2021-1224 Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.
network
low complexity
cisco snort
5.3
5.3
2021-01-13 CVE-2021-1223 Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.
network
low complexity
cisco snort
7.5
7.5
2020-09-23 CVE-2019-16009 Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS
A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
network
low complexity
cisco CWE-352
8.8
8.8
2019-09-25 CVE-2019-12660 Exposure of Resource to Wrong Sphere vulnerability in Cisco IOS XE
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device.
local
low complexity
cisco CWE-668
5.5
5.5