Vulnerabilities > Cisco > IOS XE > 3.17.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-27 | CVE-2017-12319 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability. | 5.9 |
| 2017-09-29 | CVE-2017-12237 | Unspecified vulnerability in Cisco IOS A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. | 7.5 |
| 2017-09-29 | CVE-2017-12228 | Improper Certificate Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. | 5.9 |
| 2017-07-17 | CVE-2017-6739 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 8.8 |
| 2017-07-17 | CVE-2017-6738 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 8.8 |
| 2017-07-17 | CVE-2017-6737 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 8.8 |
| 2017-03-22 | CVE-2017-3857 | Resource Exhaustion vulnerability in Cisco IOS A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2017-02-03 | CVE-2017-3824 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE 3.16.0/3.16.1/3.17.0 A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition. | 6.8 |
| 2016-10-05 | CVE-2016-6393 | Resource Management Errors vulnerability in Cisco IOS XE The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667. | 7.5 |
| 2016-09-22 | CVE-2014-2146 | Improper Input Validation vulnerability in Cisco IOS XE The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847. | 6.5 |