Vulnerabilities > Cisco > IOS XE > 3.13.6s
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-6740 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 8.8 |
| 2017-07-17 | CVE-2017-6739 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 8.8 |
| 2017-07-17 | CVE-2017-6738 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 8.8 |
| 2017-07-17 | CVE-2017-6737 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 8.8 |
| 2017-07-17 | CVE-2017-6736 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 8.8 |
| 2017-03-22 | CVE-2017-3859 | Use of Externally-Controlled Format String vulnerability in Cisco IOS XE A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2017-03-22 | CVE-2017-3857 | Resource Exhaustion vulnerability in Cisco IOS A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2017-03-21 | CVE-2017-3850 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.9 |
| 2017-03-21 | CVE-2017-3849 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 7.4 |
| 2017-02-03 | CVE-2017-3820 | Improper Initialization vulnerability in Cisco IOS XE 3.13.6S/3.16.2S/3.17.1S A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. | 6.5 |