Vulnerabilities > Cisco > IOS > 15.2.1.sy1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-3217 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. | 8.8 |
| 2020-06-03 | CVE-2020-3204 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. | 6.7 |
| 2020-06-03 | CVE-2020-3201 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. | 6.0 |
| 2020-06-03 | CVE-2020-3200 | Interpretation Conflict vulnerability in Cisco IOS and IOS XE A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. | 7.7 |
| 2020-02-12 | CVE-2011-4661 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured. | 7.5 |
| 2019-09-25 | CVE-2019-12655 | Classic Buffer Overflow vulnerability in Cisco IOS A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-03-28 | CVE-2019-1761 | Improper Initialization vulnerability in Cisco IOS and IOS XE A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. | 4.3 |
| 2019-03-28 | CVE-2019-1758 | Improper Authentication vulnerability in Cisco IOS A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. | 4.3 |
| 2019-03-28 | CVE-2019-1748 | Improper Certificate Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. | 7.4 |