Vulnerabilities > Cisco > IOS XE > 3.2.0ja
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-28 | CVE-2019-1755 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. | 9.0 |
| 2019-03-28 | CVE-2019-1754 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. | 9.0 |
| 2019-03-28 | CVE-2019-1753 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. | 9.0 |
| 2019-03-28 | CVE-2019-1742 | Improper Access Control vulnerability in Cisco IOS XE A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access sensitive configuration information. | 5.0 |
| 2019-03-28 | CVE-2019-1741 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the Cisco Encrypted Traffic Analytics (ETA) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.8 |
| 2019-03-28 | CVE-2019-1740 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.8 |
| 2019-03-28 | CVE-2019-1739 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-03-28 | CVE-2019-1738 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2018-10-05 | CVE-2018-0197 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. | 3.3 |
| 2017-09-29 | CVE-2017-12236 | Improper Authentication vulnerability in Cisco IOS XE 16.5.1C/3.2.0Ja/3.9.1E A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass authentication checks performed when registering an Endpoint Identifier (EID) to a Routing Locator (RLOC) in the map server/map resolver (MS/MR). | 7.5 |