Vulnerabilities > Cisco > IOS XE > 3.18.3vs

DATE CVE VULNERABILITY TITLE RISK
2017-03-22 CVE-2017-3859 Use of Externally-Controlled Format String vulnerability in Cisco IOS XE
A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco CWE-134
7.8
7.8
2017-03-21 CVE-2017-3850 Improper Input Validation vulnerability in Cisco IOS and IOS XE
A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
network
cisco CWE-20
7.1
7.1
2017-03-21 CVE-2017-3849 Improper Input Validation vulnerability in Cisco IOS and IOS XE
A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.
low complexity
cisco CWE-20
6.1
6.1