Vulnerabilities > Cisco > IOS XE > 3.7.2s

DATE CVE VULNERABILITY TITLE RISK
2013-12-28 CVE-2013-6981 Improper Input Validation vulnerability in Cisco IOS XE
Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709.
network
high complexity
cisco CWE-20
5.4
5.4
2013-11-22 CVE-2013-6692 Resource Management Errors vulnerability in Cisco IOS XE
Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949.
network
cisco CWE-399
6.3
6.3
2013-10-31 CVE-2013-5546 Improper Input Validation vulnerability in Cisco products
The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509.
network
low complexity
cisco CWE-20
7.8
7.8