Vulnerabilities > Cisco > IOS > 15.9.3.m3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-15 | CVE-2022-20761 | Improper Input Validation vulnerability in Cisco IOS A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. | 6.5 |
| 2021-09-23 | CVE-2021-1620 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. | 7.7 |
| 2021-09-23 | CVE-2021-34699 | Interpretation Conflict vulnerability in Cisco IOS and IOS XE A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. | 7.7 |
| 2021-09-23 | CVE-2021-34703 | Improper Initialization vulnerability in Cisco IOS A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 6.5 |
| 2021-09-23 | CVE-2021-34705 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. | 5.3 |
| 2021-03-24 | CVE-2021-1385 | Path Traversal vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write files on the underlying operating system or host system. | 6.5 |
| 2020-09-23 | CVE-2019-16009 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 8.8 |
| 2019-09-25 | CVE-2019-12655 | Classic Buffer Overflow vulnerability in Cisco IOS A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2017-10-19 | CVE-2017-12289 | Information Exposure vulnerability in Cisco IOS A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. | 4.4 |