Vulnerabilities > Cisco > IOS XE > 3.3.0.xo

DATE CVE VULNERABILITY TITLE RISK
2014-09-25 CVE-2014-3358 OS Command Injection vulnerability in Cisco IOS and IOS XE
Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950.
network
low complexity
cisco CWE-78
7.8
7.8
2014-09-25 CVE-2014-3357 OS Command Injection vulnerability in Cisco IOS and IOS XE
Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866.
network
low complexity
cisco CWE-78
7.8
7.8
2014-09-25 CVE-2014-3356 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XE
The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753.
network
low complexity
cisco CWE-119
7.8
7.8
2014-09-25 CVE-2014-3355 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XE
The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCug75942.
network
low complexity
cisco CWE-119
7.8
7.8