Vulnerabilities > Cisco > IOS XE > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2021-34697 Improper Initialization vulnerability in Cisco IOS XE
A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct denial of service (DoS) attacks to or through the affected device.
network
low complexity
cisco CWE-665
8.6
2021-09-23 CVE-2021-34699 Interpretation Conflict vulnerability in Cisco IOS and IOS XE
A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco CWE-436
7.7
2021-09-23 CVE-2021-34714 Improper Input Validation vulnerability in Cisco products
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload.
low complexity
cisco CWE-20
7.4
2021-09-23 CVE-2021-34767 Always-Incorrect Control Flow Implementation vulnerability in Cisco IOS XE
A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that VLAN.
low complexity
cisco CWE-670
7.4
2021-09-23 CVE-2021-34768 Double Free vulnerability in Cisco IOS XE
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-415
7.5
2021-09-23 CVE-2021-34769 Double Free vulnerability in Cisco IOS XE
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-415
7.5
2021-09-23 CVE-2021-34770 Out-of-bounds Write vulnerability in Cisco IOS XE
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-787
7.2
2021-03-24 CVE-2021-1373 Unspecified vulnerability in Cisco IOS XE
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device.
network
low complexity
cisco
8.6
2021-03-24 CVE-2021-1446 Unspecified vulnerability in Cisco IOS XE
A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco
7.5
2021-03-24 CVE-2021-1443 OS Command Injection vulnerability in Cisco IOS XE
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device.
network
low complexity
cisco CWE-78
7.2