Vulnerabilities > Cisco > IOS XE > 3.8.8e
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2017-07-17 | CVE-2017-6743 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 9.0 |
| 2017-03-22 | CVE-2017-3857 | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.8 |
| 2017-03-17 | CVE-2017-3881 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. | 10.0 |
| 2014-04-29 | CVE-2014-2183 | Improper Input Validation vulnerability in Cisco products The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973. | 6.3 |