Vulnerabilities > Cisco > IOS XE > 3.16.1s
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-34696 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. | 5.8 |
| 2021-09-23 | CVE-2021-34699 | Interpretation Conflict vulnerability in Cisco IOS and IOS XE A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. | 7.7 |
| 2021-09-23 | CVE-2021-34703 | Improper Initialization vulnerability in Cisco IOS A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 6.5 |
| 2021-09-23 | CVE-2021-34705 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. | 5.3 |
| 2021-09-23 | CVE-2021-34714 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. | 7.4 |
| 2021-09-23 | CVE-2021-34729 | OS Command Injection vulnerability in Cisco IOS XE and IOS XE Sd-Wan A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. | 6.7 |
| 2021-03-24 | CVE-2021-1446 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2021-03-24 | CVE-2021-1442 | Unspecified vulnerability in Cisco IOS XE A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. | 7.8 |
| 2021-03-24 | CVE-2021-1398 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. low complexity cisco | 6.8 |
| 2021-03-24 | CVE-2021-1384 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands into the underlying operating system as the root user. | 7.2 |