Vulnerabilities > Cisco > IOS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-3226 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2020-06-03 | CVE-2020-3225 | Improper Input Validation vulnerability in Cisco IOS and IOS XE Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2020-06-03 | CVE-2020-3217 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. | 8.8 |
| 2020-06-03 | CVE-2020-3205 | OS Command Injection vulnerability in Cisco IOS A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, adjacent attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device. | 8.8 |
| 2020-06-03 | CVE-2020-3200 | Interpretation Conflict vulnerability in Cisco IOS and IOS XE A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. | 7.7 |
| 2020-06-03 | CVE-2020-3199 | Unspecified vulnerability in Cisco IOS Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. low complexity cisco | 8.8 |
| 2020-02-12 | CVE-2011-4661 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured. | 7.5 |
| 2019-09-25 | CVE-2019-12669 | Unspecified vulnerability in Cisco IOS 15.2(3)E/15.2(3)E5/16.11.1 A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-09-25 | CVE-2019-12665 | Unspecified vulnerability in Cisco IOS 15.6(2)T/Fd1.5.0 A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. | 7.4 |
| 2019-09-25 | CVE-2019-12656 | Unspecified vulnerability in Cisco products A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. | 7.5 |