Vulnerabilities > Cisco > IOS > 15.6.2.sp2

DATE CVE VULNERABILITY TITLE RISK
2017-09-29 CVE-2017-12237 Resource Exhaustion vulnerability in Cisco IOS and IOS XE
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.8
7.8
2017-09-29 CVE-2017-12231 Unspecified vulnerability in Cisco IOS
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco
7.8
7.8
2017-09-29 CVE-2017-12228 Improper Certificate Validation vulnerability in Cisco IOS and IOS XE
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate.
network
cisco CWE-295
4.3
4.3
2017-08-07 CVE-2017-6770 Improper Input Validation vulnerability in Cisco products
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database.
network
high complexity
cisco CWE-20
4.2
4.2
2017-08-07 CVE-2017-6665 Cleartext Transmission of Sensitive Information vulnerability in Cisco IOS and IOS XE
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, an Information Disclosure Vulnerability.
low complexity
cisco CWE-319
6.5
6.5
2017-08-07 CVE-2017-6663 Unspecified vulnerability in Cisco IOS and IOS XE
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition.
low complexity
cisco
6.5
6.5