Vulnerabilities > Cisco > IOS XE > 3.8.2e
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-10-05 | CVE-2016-6385 | Resource Management Errors vulnerability in Cisco IOS and IOS XE Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367. | 7.8 |
2016-10-05 | CVE-2016-6384 | Improper Input Validation vulnerability in Cisco IOS XE Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257. | 7.8 |
2016-09-22 | CVE-2014-2146 | Improper Input Validation vulnerability in Cisco IOS XE The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847. | 4.3 |
2016-09-19 | CVE-2016-6415 | Information Exposure vulnerability in Cisco IOS XE The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. | 5.0 |
2014-10-25 | CVE-2014-3409 | Resource Management Errors vulnerability in Cisco IOS XE The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406. | 6.1 |
2014-04-29 | CVE-2014-2183 | Improper Input Validation vulnerability in Cisco products The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973. | 6.3 |
2013-11-22 | CVE-2013-6692 | Resource Management Errors vulnerability in Cisco IOS XE Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949. | 6.3 |