Vulnerabilities > Cisco > IOS > 12.2.15.cz2

DATE CVE VULNERABILITY TITLE RISK
2017-09-29 CVE-2017-12240 Improper Input Validation vulnerability in Cisco IOS
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
network
low complexity
cisco CWE-20
critical
 10.0
10
2016-10-05 CVE-2016-6380 Improper Input Validation vulnerability in Cisco IOS
The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532.
network
cisco CWE-20
8.3
8.3
2016-10-05 CVE-2016-6384 Improper Input Validation vulnerability in Cisco IOS XE
Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257.
network
low complexity
cisco CWE-20
7.8
7.8
2016-05-29 CVE-2016-1409 Improper Input Validation vulnerability in Cisco IOS
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.
network
low complexity
cisco CWE-20
5.0
5.0