Vulnerabilities > Cisco > IOS > 15.2.4.e1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-6738 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 9.0 |
| 2017-07-17 | CVE-2017-6737 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. | 9.0 |
| 2017-03-22 | CVE-2017-3864 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.8 |
| 2017-03-22 | CVE-2017-3857 | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.8 |
| 2017-03-21 | CVE-2017-3850 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.1 |
| 2017-03-21 | CVE-2017-3849 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
| 2017-01-26 | CVE-2017-3803 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS 15.2(2)E3/15.2(4)E1 A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition. | 3.3 |
| 2016-10-05 | CVE-2016-6393 | Resource Management Errors vulnerability in Cisco IOS XE The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667. | 7.1 |
| 2016-10-05 | CVE-2016-6385 | Resource Management Errors vulnerability in Cisco IOS and IOS XE Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367. | 7.8 |
| 2016-10-05 | CVE-2016-6380 | Improper Input Validation vulnerability in Cisco IOS The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532. | 8.3 |