Vulnerabilities > Cisco > IOS XE > 3.9.1s

DATE CVE VULNERABILITY TITLE RISK
2014-04-29 CVE-2014-2183 Improper Input Validation vulnerability in Cisco products
The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
network
cisco CWE-20
6.3
6.3
2014-03-27 CVE-2014-2113 Improper Input Validation vulnerability in Cisco IOS and IOS XE
Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.
network
low complexity
cisco CWE-20
7.8
7.8
2014-03-27 CVE-2014-2108 Improper Input Validation vulnerability in Cisco IOS and IOS XE
Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.
network
low complexity
cisco CWE-20
7.8
7.8
2013-10-31 CVE-2013-5547 Improper Input Validation vulnerability in Cisco products
Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269.
network
low complexity
cisco CWE-20
7.8
7.8
2013-10-31 CVE-2013-5545 Improper Input Validation vulnerability in Cisco products
The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936.
network
low complexity
cisco CWE-20
7.8
7.8